About the Job
SLAIT Consulting is currently seeking a Penetration Tester for our client in Woodlawn, MD.
This is a contract to hire position.
- A minimum of five years of experience with assessing APT threats, Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, Cyber Threat Emulation operations, Cyber Advanced Threat Emulation Team operations and research, identification, and verification of new APT TTPs.
- Experience with any three of the seven tools listed below:Kali Linux, Metasploit, Burp suite, Cobalt Strike, Tenable Nessus, Web Inspect, Scuba, Appdetective.
- A relevant degree or equivalent, and/or proven operational experience in penetration testing or cyber threat emulation.
- Knowledge and experience in Penetration Testing, SOC support, and coordination with security teams to strengthen the overall security posture in addition to developing mitigations, including signature development and working with incident management teams to better design and implement signatures and response policies and procedures.
- Able to generate threat intelligence indicators during the course of Threat Emulation operations and apply/fine tune them across the enterprise network.
- Research and remain up to date with emerging threats and Threat Emulation methodologies.
- Familiarity with mapping Cyber Key Terrain and generating priority target lists.
- Able to automate tasks and script at a basic level.
- Familiarity with NIST and FISMA compliance.
- Strong proficiency Report writing – a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting
- Provide subject matter expertise support in the detection, analysis, and mitigation of malware, trends in malware development and capabilities, and proficiency with malware analysis capabilities
- Experience developing custom exploits and exploitation tools in support of authorized penetration tests or cyber threat emulation exercises.
- One or more certifications for Analysts: GCIA, GCED, GCFE, GCTI, GNFA, GCIH, CND, ECSA, OSCP, OSEE, OSCE, GCFA, GREM, CHFI, CEH, GPEN, GWAPT, GISF, GXPN
- Experience with analyzing deceptive technologies such as honeynets.
- Ability to work with a cyber network defense organization to improve an organization’s detection capabilities.
- Expertise in policies, industry trends, techniques related to penetration testing.
- Existing Subject Matter Expert of Advanced Persistent Threat or Emerging Threats
We have been growing since 1990 with offices in Virginia and Raleigh, N.C. For over twenty-eight years, we have delivered customized, creative IT solutions for customers in the commercial, and state and local government sectors. We focus on IT staffing only and utilize our strong connections in the industry to obtain the right position for your skills. Our recruiters understand your technical expertise and will align you with a position that will exceed your expectations!
*Staff Augmentation *Managed Services *IT Outsourcing *IT Consulting
Thank you for your consideration, please submit your resume today! Visit us at www.slaitconsulting.com
**Must be able to work for any employer in the United States. No Visa sponsorship.**
SLAIT Consulting is an Equal Opportunity Employer