Penetration Tester

Overview:
Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. As we enter our 50th year in business, we are known for continuous innovation for government customers, both long-established and newly acquired, as our capabilities expand around the globe. Our work is state-of-the-art and made possible only through the best personnel, tools, and jobs in the national security business. We are highly collaborative in spirit and practice, and we freely share expertise across SPA in our quest for enduring solutions to critical concerns. Come work with the best

SPA has an immediate need for a Penetration Tester to provide contracting services to NATO.

**Responsibilities**:
The duties of the individual mainly focus on:

- Lead and/or be part of the Red/Blue Team during NATO military exercises;
- Provide security design reviews to ensure compliance with NATO policies and directives;
- Provide security consultancy and advice to projects, plans, and other entities;
- Build and sustain effective communications with different stakeholders; specifically, the NCIA Configuration Control Board, Security Accreditation Boards, NATO Security Accreditation Authorities, and NCI Agency organization units supporting accreditation processes.
- Brief at both executive and technical levels on security reports and testing outcome, including at flag officer level;
- In co-ordination with the Head of the Penetration testing Cell, ensure proactive collaboration and coordination with internal and external stakeholders.

Qualifications:
**Required Qualifications**:
Extensive knowledge and experience (more than 3 years) in the following areas:

- IT infrastructure penetration testing;
- Network security architecture design;
- Assessing security vulnerabilities within OS, software, protocols & networks;
- Researching and evaluating security products & technologies;
- Knowledge in system and network administration of UNIX and Windows systems;
- Use of penetration testing tools, techniques, and recognized testing methodologies;
- Scripting skills in at least one of the following: Perl, Python, Ruby, shell (bash, ksh, csh);
- Ability to evaluate risks and formulate mitigation plans;
- Proven ability to write clear and structured technical reports including executive summary, technical findings and remediation plan for several different audiences
- National of one of the 30 NATO countries
- In possession of an active National and/or NATO Secret security clearance