Cyber Penetration Tester

il y a 3 semaines

Bruxelles, Région de Bruxelles, Belgique Peraton Temps plein

Responsibilities

Peraton is seeking an experienced, Cyber Penetration Tester - Subject Matter Expert to become part of Peratons' Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes.

Location: Arlington, VA.

In this role, you will:

  • Support the Department of State Red Cell Team by performing and leading penetration tests to assess the security of customer systems.
  • Identify vulnerabilities and develop recommended remediations to satisfy mandated NIST 800-53 security controls.
  • Report and demonstrate findings to system owners and engineers.
  • Maintain Red Cell infrastructure.
  • Develop or modify tools to automate discovery or exploitation.

Qualifications

Basic Qualifications:

  • Bachelor of Science and 16 years of experience, or a Master's of Science and 14 years of experience. In lieu of a degree, 4 years of additional IT security or penetration testing experience may be considered.
  • Minimum of 5 years experience working in and with penetration testing.
  • Possess one of the following certifications, OR be able to obtain before start date:
    • CISSP, Sec+, Net+, A+, MCP, MCSE, CCNA, MCSA
  • Demonstrated experience with Kali Linux.
  • Demonstrated penetration testing tools experience with Nmap, Burp Suite, Metasploit, etc.
  • Demonstrated ability in evaluating vulnerabilities, performing root cause analysis, and reporting findings utilizing assessment methodologies such as NIST SP 800-115, Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), OWASP Web Security Testing Guide (WTG), etc.
  • Demonstrated ability to lead a penetration test and guide Senior/Junior Penetration Testers.
  • U.S. citizenship required.
  • Possess an active Secret security clearance and have the ability to obtain a final Top Secret security clearance.

Preferred Qualifications:

  • Possess an Active Top Secret or TS/SCI clearance.
  • One of the following certifications or an alternate, verifiable certification demonstrating IT security competence:
    • CompTIA CASP+, ISC2 Certified Information Security Professional (CISSP), ISC2 Certified Cloud Security Professional (CCSP), ISC2 Information Systems Security Engineering Professional (ISSEP).
  • One of the following certifications or an alternate, verifiable certification demonstrating practical penetration testing competence:
    • Offensive Security Certified Professional (OSCP), Hack the Box Certified Penetration Testing Specialist (CPTS), TCM Security Practical Network Penetration Tester (PNPT), or GIAC Exploit Researcher and Advanced Penetration Tester (GXPN).
  • Zero Point Security Red Team Ops II
  • Advanced understanding of the following:
    • NIST Risk Management Framework (RMF) and the Assessment and Authorization (A&A) process.
    • Security principles such as CIA, IAAAA, access control models, risk management, etc.
    • Networking principles and technologies such as IP routing, TCP/UDP, VPNs, firewalls, NAT, etc.
    • Common network protocols such as SSH, FTP, SMTP, SMB, HTTP, etc.
    • Operating system principles such as process management, device management, user management, file systems, etc.
    • Data processing principles such as encoding, hashing, encryption, etc.
    • Scripting and programming languages such as Bash, Python, PowerShell, JavaScript, etc.
    • Common application vulnerabilities and exploits such as outdated components, permissions misconfigurations, lack of input validation, logging/monitoring failures, etc.
    • Common web application vulnerabilities and exploits such as XSS, SQLi, LFI, file uploads, broken authentication mechanisms, etc.
    • Active Directory (AD) enumeration and attacks such as kerberoasting, AS-REP roasting, abusing misconfigured privileges, crafting golden tickets, etc.
    • Public Key Infrastructure (PKI) and navigating IT environments implementing multifactor authentication.
    • Cloud technologies and platforms such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), etc.

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.

Target Salary Range: $176,000 - $282,000. This represents the typical salary range for this position based on experience and other factors.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.

#J-18808-Ljbffr

  • Penetration Tester

    il y a 7 jours

    Bruxelles, Région de Bruxelles, Belgique Fincons Group Temps plein

    About Fincons GroupFincons Group is a leading IT business consulting company with 40 years of experience. Our mission is to transform knowledge into a strategic resource, and we pursue it with the help of our most strategic asset: our people.We have a complete range of services, from research and consulting to design and development, system integration, and...

  • Cyber and Digital Risk Consultant @ Advisense

    il y a 3 semaines

    Bruxelles, Région de Bruxelles, Belgique Cyber Crime Temps plein

    AdvisenseAdvisense are leading governance, risk and compliance experts, offering best-in-class services and tech solutions to the European industry.About the jobJoin our Belgian team, part of an international group of 500+ experts, where you'll collaborate with a team of 5 employees and a pool of 3-4 freelancers. Together, we specialize in service lines such...

  • Penetration Tester

    il y a 3 semaines

    Bruxelles, Région de Bruxelles, Belgique WIREIT Temps plein

    About the job Penetration TesterWIRE IT is a global company specialized in IT services. We are supported by an experienced team that knows the IT market, allowing our customers to make the best decisions and accomplish their business goals.We are currently looking for a Penetration Tester to join one of our international clients.Location: On-site, Mons,...

  • Senior Penetration Tester

    il y a 3 semaines

    Bruxelles, Région de Bruxelles, Belgique NVISO Security Temps plein

    WHO ARE WE?It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect, and respond to cyber security incidents.All of this is built on four fundamental values that...

  • Senior Penetration Tester

    il y a 3 jours

    Bruxelles, Région de Bruxelles, Belgique NVISO Temps plein

    WHO ARE WE?It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks This means we offer cyber security services to private and governmental organizations to help the better prepare for, prevent, detect and respond to cyber security incidents.All of this is built on four fundamental values that...

  • Penetration Tester

    il y a 3 semaines

    Bruxelles, Région de Bruxelles, Belgique JOBS Temps plein

    EXPERIENCE AND EDUCATION:Essential Qualifications/Experience:Extensive knowledge and experience (more than 3 years) in the following areas:Web application penetration testingIT infrastructure penetration testingNetwork security architecture designAssessing security vulnerabilities within OS, software, protocols & networksResearching and evaluating security...

  • Cyber Security Specialist Consultant

    il y a 3 jours

    Bruxelles, Région de Bruxelles, Belgique Mercier Consultancy Temps plein

    Mercier Consultancy is seeking a skilled Cyber Security Specialist Consultant to join our dynamic team. In this role, you will be responsible for designing and implementing robust security measures for our clients to protect their digital assets and sensitive information from cyber threats. As a Cyber Security Specialist, you will work closely with clients...

  • C004086 Penetration Tester

    il y a 3 jours

    Bruxelles, Région de Bruxelles, Belgique Park Lane Recruitment Temps plein

    Deadline Date: Friday 11 April 2025   Requirement: Penetration Tester   Location: Mons, BELGIUM    Full Time On-Site: Yes   Time On-Site: 100%   Not to Exceed Rate: 103 EUR   Total Scope of the request (hours): 836   Required Start Date: 26 May 2025   Required Security Clearance: NATO SECRET   Specific Working Conditions:    Normal...

  • Penetration Tester

    il y a 1 semaine

    Bruxelles, Région de Bruxelles, Belgique Egov Select Temps plein

    Environnement de travailIl y a une place vacante dans l'équipe Infosec du domaine Infra-operations et support (IOS) :L'équipe InfoSec fait partie du domaine IOS, chargé des infrastructures, des opérations, et des services de support transversal. Ce domaine a pour objectif d'être un catalyseur en offrant des services cruciaux aux différentes équipes...

  • Penetration Tester

    il y a 3 jours

    Bruxelles, Région de Bruxelles, Belgique Egov Select Temps plein

    Environnement de travail Il y a une place vacante dans l'équipe Infosec du domaine Infra-operations et support (IOS) : L'équipe InfoSec fait partie du domaine IOS, chargé des infrastructures, des opérations, et des services de support transversal. Ce domaine a pour objectif d'être un catalyseur en offrant des services cruciaux aux différentes...

  • Penetration Tester

    il y a 2 jours

    Bruxelles, Région de Bruxelles, Belgique Egov Select Temps plein

    de fonctionEn tant que hacker éthique, vous aurez l'occasion de contribuer significativement à la sécurité des infrastructures informatiques du secteur public en effectuant des tests d'intrusion sur diverses plateformes et infrastructures.Tâches clésIdentifier des vulnérabilités dans les applications web, les API, les plateformes mobiles, les...

  • Penetration Tester

    il y a 2 jours

    Bruxelles, Région de Bruxelles, Belgique Egov Select Temps plein

    La Direction générale Simplification et Digitalisation (DG SD) est à la recherche d'un hacker éthique pour intégrer son équipe InfoSec. Ce poste fait partie du domaine Infra-operations et support (iOS), chargé des infrastructures, des opérations, et des services de support transversal.Description de fonctionEn tant que hacker éthique chez BOSA, vous...

  • Penetration Tester

    il y a 3 jours

    Bruxelles, Région de Bruxelles, Belgique Egov Select Temps plein

    Environnement de travailIl y a une place vacante dans l'équipe InfoSec du domaine Infra-operations et support (iOS) :L'équipe InfoSec fait partie du domaine iOS, chargé des infrastructures, des opérations, et des services de support transversal. Ce domaine a pour objectif d'être un catalyseur en offrant des services cruciaux aux différentes équipes...

  • Penetration Tester

    il y a 1 jour

    Bruxelles, Région de Bruxelles, Belgique Egov Select Temps plein

    Environnement de travail Il y a une place vacante dans l'équipe InfoSec du domaine Infra-operations et support (iOS) : L'équipe InfoSec fait partie du domaine iOS, chargé des infrastructures, des opérations, et des services de support transversal. Ce domaine a pour objectif d'être un catalyseur en offrant des services cruciaux aux différentes...

  • Penetration Tester

    il y a 3 semaines

    Bruxelles, Région de Bruxelles, Belgique Egov Select Temps plein

    Environnement de travail Il y a une place vacante dans l#39;équipe Infosec du domaine Infra-operations et support (IOS) : L#39;équipe InfoSec fait partie du domaine IOS, chargé des infrastructures, des opérations, et des services de support transversal. Ce domaine a pour objectif d#39;être un catalyseur en offrant des services cruciaux aux...

  • Cyber Security Consultant

    il y a 1 jour

    Bruxelles, Région de Bruxelles, Belgique Templeton & Partners - Innovative & Inclusive Hiring Solutions Temps plein

    Freelance Cyber Security Consultant – Brussels (Hybrid)Contract Type: FreelanceDuration: 9 months with an option for extension (long-term projects)Location: Brussels (Hybrid, 2-3 days/week on-site)Your Role & ResponsibilitiesAs a Cyber Security Consultant, you will support an organization in achieving compliance with the Digital Operational Resilience Act...

  • Cyber Security Consultant

    il y a 4 jours

    Bruxelles, Région de Bruxelles, Belgique Montash Temps plein

    Our client a leading global enterprise are currently looking for an experienced Cyber Security Consultant to join their team on a long term contract basis. This is an exciting new opportunity to be part of growing team and work for a global entity. The right person for the role will be an experienced Cybersecurity consultant with expertise in DORA...

  • Cyber Security Risk Management Expert

    il y a 2 jours

    Bruxelles, Région de Bruxelles, Belgique Montash Temps plein

    As a leading global enterprise, Montash is currently seeking an experienced Cyber Security Consultant to join their team on a long-term contract basis. This is an exciting opportunity to be part of a growing team and work with a global entity.The right person for this role will have expertise in DORA compliance to support the company in meeting regulatory...

  • Information Security

    il y a 1 semaine

    Bruxelles, Région de Bruxelles, Belgique Fincons Group Temps plein

    Fincons Group is an IT business consulting company that has been designing the digital future of leading companies on international markets for 40 years. Fincons Group built its reputation on foreseeing and interpreting new business models and the rapid evolution of IT systems by building a complete range of services: from research and consulting to design...

  • Test Manager

    il y a 4 semaines

    Bruxelles, Région de Bruxelles, Belgique V-IT NV Temps plein

    Senior Test Automation and Security Test ManagerLocation:BrusselsLanguage Requirements:Dutch or French, plus English.Start Date:As soon as possible.Contract Duration:Until 31/12/2025, with the possibility of extension.Required Experience:Minimum 5 years of experience as an Analyst/Tester.Experience as a Test Coordinator/Manager.Test Automation:Technical...