KeyLogic has an immediate need for a NASA IV&V Penetration Tester with our NASA team.
At the NASA IV&V Facility, we support NASA’s IV&V Program, delivering analysis and verification & validation of safety-critical and mission-critical software for a number of important NASA programs, including both human and robotic exploration as well as earth and space science collection platforms.
The successful candidate will learn to work independently and as a member of a team in one or more of these IV&V projects or other IV&V Program functional areas.
The IV&V Penetration Tester will be responsible for simulating real-life cyber attacks with the goal of helping an organization improve its security posture. This is a highly technical hands-on role that will utilize development, system administration and creativity skills. It is an opportunity for a team player to enhance a world-class team and learn new skills.
- Conduct host/network/application penetration testing as a member of a technical team
- Perform full-scope penetration tests (discovery and exploitation of vulnerabilities) on network infrastructure, services, systems and desktop/web applications
- Test the exploitation of security policies and access controls in restricted/secure environments (e.g. GPO bypass, privilege escalation and A/V evasion)
- Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)
- Review custom applications source code for security flaws and vulnerabilities
- Possess ability to test, identify and exploit vulnerabilities in web applications without the use of scanning tools
- Research and formulate recommendations for vulnerabilities
- Employ extensive use of Microsoft Office main tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.
- Be able to present, demonstrate, explain and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws
- Develop proof-of-concept examples and scenarios for reports and live demonstrations
- Create/document tactic, techniques and procedures (TTP) to train and expand/share knowledge with customers and team members
- Ability to develop presentations and reports, document findings accurately; attention to detail is a vital skill
- Excellent communication and interpersonal skills; ability to convey findings in a tactful manner with the technical proficiency level appropriate to the skills and/or understanding of the audience.
- Critical thinking skills are a must
- Active DoD SECRET clearance is required with the ability to be cleared up to TS/SCI
- 3 years hands-on experience as a penetration tester; ICS/SCADA, Cloud Computing, reverse engineering and exploit development are a plus
- Penetration Test experience and knowledge beyond Metasploit Frameworks and vulnerability scanning tools
- Bachelors degree in Engineering, Applied Science or similar technical discipline is required
- Must have a thorough knowledge beyond common network ports and protocols
Penetration Test certifications like GXPN, OSCP, OSCE are a plus
Apply For This Job
To apply, please visit the following URL:http://www.indeed.com/viewjob?t=Nasa+Penetration+Tester&c=KeyLogic+Systems&l=Fairmont%2C+WV&jk=3e5e9551df25154a&rtk=1dgean8atf323800&from=rss→