Penetration Tester (Red Team Operator)

Position Type: Full-Time, Exempt

Work Location: Patuxent River Naval Air Station, MD

Systems Application & Technologies, Inc. (SA-TECH) is a progressive and well-established Department of Defense (DoD) contractor specializing in Range operations and maintenance (O&M); weapons testing; facilities management; aerial, ground and seaborne targets O&M; technical, logistics and other engineering support; systems integration; electronics and communications maintenance services; and a growing cybersecurity business. We are highly focused and, among other efforts, currently operate a dozen active test and/or training ranges for the Army, Air Force and Navy. Our 34-year heritage is founded on supporting complex and diverse DoD programs and we’ve developed a standout reputation for providing the highest quality services, superior workmanship and cost-effective results while achieving complete customer satisfaction.

SA-TECH is currently seeking a Penetration Tester(Red Team Operator) at Patuxent River NAS, MD for the Cyber Test & Evaluation Center of Excellence (CTEC) to support our efforts in NAWCAD’s Cyber Threat Emulation Branch, which is focused on Cyber R&D and Reverse Engineering Analysis and funded directly by Congress. In this role, you'll play a critical part in our national security, helping to harden and secure all of the Navy's aircraft platforms as a Cyber Operator performing on-net adversarial threat emulation (Red Teaming) and penetration testing of airborne platform IT and networks supporting the federal government customer on-site.

Basic Responsibilities (but not limited to):

• Working closely with our government customer, perform adversarial threat emulation (Red Teaming) and penetration testing to assess the performance of aeronautical systems, subsystems, equipment (platform IT), as well as government networks, including Windows domains, Linux systems, switches, routers, and other connected network devices.
• Deliver professional services, including (but not limited to) Cyber Incident Response, Red Team Assessments, Penetration Testing, Wireless Security Assessments, Onsite and Remote Social Engineering, and a variety of custom assessments
• Use a variety of techniques and tools, such as surveillance, close-access operations, and penetration testing to discover cybersecurity flaws and vulnerabilities.
• Examine the full-spectrum of vulnerabilities, including people, processes, and the hardware and software employed and identify issues and vulnerabilities associated with operational networks and programs.
• Assess the security of computer systems/networks by looking for weaknesses and vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system.
• Execute and support multi-disciplined approaches to conducting penetration tests of networks, support rapid development of domain or problem-specific tools that leverage identified vulnerabilities, support research of the latest exploitation techniques and threat vectors, and assist with the design and configuration of representative test and assessment environments.
• Create and write comprehensive assessment reports that describe the engagement, scope, risks, and remediation recommendations.
• Travel up to 15% of the time to CONUS sites, as needed.

Work Conditions:

• May work and operate in a TS/SCI and SAP/SAR environment and/or Sensitive Compartmented Information Facility (SCIF).
• Most work is accomplished in an office environment utilizing phone, desktop computer and directly interfacing with employees and customers.
• The position will include 80% sitting, 5% reaching, 5% lifting 5% walking & 5% standing.
• Normal work days are Monday thru Friday with typical office hours being 8am-5pm.

Education/Experience/Skills:

• Bachelor's degree in Information Security, Information Technology, Computer Science, Programming, Mathematics and three to five (3-5) years of relevant experience OR a high school diploma or GED plus five to six (5-6) years of in-depth experience that is clearly related to the position may be considered.
• Required Certifications:
  • Either ISC2 Certified Information Systems Security Professional (CISSP) or OCSP (or equivalent)
  • EC-Council Certified Ethical Hacker (C|EH) or equivalent
• Desired Certifications:
  • OSCP or equivalent
  • ISSEP
• Experience with on-net assessments
• Experience operating open source and commercial tools such as Metasploit, Burp Suite, Cobalt Strike, NMAP, Core Impact, etc.
• Working knowledge of IP network protocols, sub-netting, routing, switching, etc.
• Extensive experience with penetrating and exploiting secure networks and systems; currency with new security software packages, security protocols, and computer technologies
• Strong written and oral communication skills; extensive experience with generating reports and assessments
• Experience with conducting data reviews and performing analysis of processes relative to adversary network security
• Familiarity with Security assessment tools (Aircrack-ng, Burp Suite, SQLmap) and Security frameworks (NIST, SOX, HIPPA)
• Solid understating of Operating Systems (Linux, Unix, Windows)
• Basic scripting for the GhostWriter environment
• Solid foundation and advanced knowledge of Information Assurance policy, compliance requirements and related measures including (but not limited to) Protect, Detect, React, Restore and Resilience metrics
• Demonstrate capability to provide over-the-shoulder support and assistance in a highly regulated Red Team “Shooter” environment
• Leveraging LABBENCH + Jupyter to interface with GMAE - TCP/IP: three-way hand-shake, reconstruction
• Versed in Cyber Threat Actor Tactics, Techniques and Procedures (TTPs)
• Deep understanding of Cyber Kill Chain and applicable analytic models such as the Diamond Model
• Network and Internetwork Routing - Domain Name System protocol and architecture
• Knowledge how an Intrusion Detection System, exploitation, implants and beacons work
• Desired Experience:
  • Red Team / adversarial emulations
  • Weapon systems assessments
  • Bash scripting, Python, and/or PowerShell
  • Specializations in web app pen testing
  • WiFi, and/or Software Defined Radio (SDR) hacking
  • Understanding of programming languages (SQL, C ++, JavaScript, Ruby, and Python)
  • Executing Close Access Team (CAT) assessments is a plus.
• Current Driver’s License required; must be able to be insured through company’s vehicle insurance policy while driving work/government/rental vehicles during working hours, and for the duration of employment.
• U.S. Citizenship is required and you must be able to obtain a U.S. DoD Secret Security Clearance prior to your start date and be able to obtain a Top-Secret clearance within a prescribed period of time (please note that the clearance process factors in your financial background).
• All candidates will be required to pass background screening to include SSN, Driver Record, and Criminal Background Investigation.

__________________________________________________________________________________________________________________________

Working at SA-TECH:

As a highly regarded DoD employer, SA-TECH recognizes that our success is indicative of our team members' hard work and dedication towards a common goal… Supporting our Warfighters. Along with unparalleled stability, we have the ingredients for superior performance with a servant leadership mentality that provides an affirmation of purpose and value in a team-oriented positive work environment. As such, we provide a sense of family, competitive pay and employee benefits, along with a strong commitment to the professional development of our workforce and for providing broad career opportunities throughout the United States.

SA-TECH values your contributions and offers a range of benefits to support your overall well-being. We are pleased to offer a comprehensive range of benefits to our full-time employees which include:

• Medical plan with outstanding prescription coverage
• Dental plan with orthodontics
• Vision plan
• 401(k) retirement plan
• Life, accidental death and dismemberment insurance
• Sick leave
• Flexible PTO options
• Additional benefits and incentives may also apply, which will be communicated during the hiring process.

As a recognized top employee experience, working for SA-TECH provides:

• Employee Recognition
• Above-Average Compensation
• Competitive Employee Benefits
• Continuous Training and Professional Development
• Ample Career Advancement and Internal Transfer Opportunities

SA-TECH is an Equal Opportunity/Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity and sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.