Address
Form of workBase-2 Solutions is seeking an experienced Cyber Hunt Specialist that will perform multidiscipline penetration testing of customer systems and global networks, rapid development of domain or problem-specific tools that leverage identified vulnerabilities, and research on the latest exploitation techniques and threat vectors in support of authorized missions and test events.
Qualifications
- Experience performing web application security assessments.
- Experience with TCP/IP protocols as it relates to network security.
- Experience with offensive tool sets including Kali Linux, Metasploit, CobaltStrike, Intercepting Proxies, etc.
- Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures.
- Capable of conducting penetration tests on applications, systems and network utilizing proven/formal processes and industry standards.
- Perform penetration tests on computer systems, networks, and applications.
- Create new testing methods to identify vulnerabilities.
- Perform physical security assessments of systems, servers, and other network devices to identify areas that require physical protection.
- Pinpoint methods and entry points an attacker may use to exploit vulnerabilities or weaknesses.
- Search for weaknesses in common software, web applications and proprietary systems.
- Research, evaluate, document, and discuss findings with IT teams and management.
- Review and provide feedback for information security fixes.
- Establish improvements for existing security services, including hardware, software, policies, and procedures.
- Identify areas where improvement is needed in security education and awareness for users.
- Be sensitive to corporate considerations when performing testing (i.e., minimize downtime and loss of employee productivity)
- Knowledgeable on the latest malware and security threats.
- In depth understanding of emerging threats, vulnerabilities, and exploits.
Desired Skills
- Knowledge of federal policies, regulations, and standards
- CISA Cloud Security Technical Reference Architecture
- CISA Zero Trust Maturity Model
- DoD Zero Trust Reference Architecture
- M-22-09 Federal Zero Trust Strategy
- National Security Systems Zero Trust Reference Architecture
- NIST CSWP Planning for a Zero Trust Architecture - A Starting Guide for Administrators
- NIST SP 800-207 Zero Trust Architecture
Education and Experience
- HS/GED 14 years
- Associates Degree 12 years
- Bachelor's Degree 10 years
- Master's Degree 8 years
- PhD 6 years
Required Certifications
- 8750 Cert
- Pen Testing Cert such as Offensive Security Certified Professional (OSCP), CEH, Pentest , or GPEN
Required Clearance
- Active TS w/ SCI eligibility
Desired Clearance
- Active poly
