Senior Penetration Tester Apply
THOR Solutions is seeking a Senior Penetration Tester to provide support to technical processes and technical management processes in support of comprehensive test and evaluation associated with test support, operational verification of installations and support efforts for Developmental Test and Evaluation (DT&E), Operational Test and Evaluation (OT&E), and Penetration testing (PEN testing).
The candidates responsibilities may include (but are not limited to) performing, supporting, or supervising the following actions:
- Provide support by utilizing experience working with Entra ID (Azure AD), Active Directory, SSO, MFA, Azure application integration, Identity Federation.
- Provide support by utilizing experience in automation using Powershell, PowerAutomate, Logic Apps, Graph API.
- Provide support by utilizing experience working with Microsoft Entra ID and Microsoft 365 in a hybrid environment.
- Provide support by utilizing experience extending or integrating on premises AD with Entra ID.
- Provide support by utilizing experience managing identity and access in Microsoft Entra ID.
- Provide support by utilizing experience conducting Red Team operations in an MDE environment.
- Provide support by utilizing experience with AWS, Cloud Audit, Serverless and Microservice Architecture.
- Provide support utilizing experience working with AWS services (such as EC2, S3, KMS, RDS) and security best practices relevant to those services.
- Provide support by performing web application and API penetration testing, and Cloud Security Audits
- Provide support by utilizing experience with Web Services penetration testing (RESTful and SOAP) Web Authentication protocols (e.g. OAuth2, SAML, LDAP)
- Providing support by writing proof of concept code to demonstrate the severity of a potential security issues.
- Provide support by utilizing working knowledge with scripting languages (e.g. Python, Perl, PHP, Ruby)
- Provide support by utilizing working knowledge with Programming language (e.g. C, Java, Python, JavaScript)
Travel: Up to 10% travel is anticipated.
US Citizenship Required: Due to the requirements of the federal contract that this position supports, U.S. citizenship is required. Citizenship will be confirmed via I-9/E-Verify at the start of employment.
Existing Top Secret/SCI Security Clearance Required: This position requires a DoD Top Secret/SCI security clearance. A qualified candidate will already possess an Active Top Secret/SCI clearance.
Required Knowledge, Skills, and Abilities:
- Bachelors Degree in Cyber Security or Computer Science.
- Masters degree or PhD in Computer Science or Cyber Security is preferred.
- Minimum of eight (8) years of experience with a BS/BA degree.
- Minimum of six (6) years of experience with a MS Degree.
- Minimum of three (3) years of experience with a PhD.
- Masters degree or PhD in Computer Science or Cyber Security is preferred.
- Shall have a minimum of five (5) years of experience in penetration testing and/or offensive Cyber operations.
- Shall have demonstrated experience utilizing penetration tools.
- Shall have demonstrated experience in mimicking threat behavior.
- Demonstrated experience performing vulnerability assessments with the Assured Compliance Assessment Solution tool.
- Demonstrated experience with performing STIG assessments to include using SCAP benchmarks.
- Demonstrated experience utilizing packet analyzer tools such as Wireshark and tcpdump.
Required Certifications:
- Qualify under the DOD Cybersecurity Workforce (CSWF) as a Vulnerability Assessment Analyst (541) at the Intermediate level, in accordance with DOD 8570.01-M. Typically this includes at least ONE of the following credentials:
- Bachelors Degree from accredited university in a relevant discipline such as Computer Engineering, Computer Programming, Computer Science, Electrical Engineering, or similar.
- CYBR1010 CNE Bootcamp
- CYBR1100 Network Traffic Analysis
- CYBR2100 Certified Ethical Hacker
- CYBR2400 Cyber Operator Training Course
- CYBR4005 Comp Forensics Invest and Response
- Intermediate Cyber Core (ICC)
- One of the following Navy Enlisted Classifications:
- NEC 742A Network Security Vulnerability Technician
- NEC H08A Advanced Network Analyst
- NEC H10A Basic Cyber Analyst/Operator
- Possess at least one of the following certifications:
- Certified Ethical Hacker (CEH)
- CompTIA Security+ CE (Sec+)
- GIAC Security Essential Certification (GSEC)
- Possess at least one of the following certifications:
- Offensive Security Certified Professional (OSCP) Certification
- Offensive Security Certified Expert (OSCE) Certification
- Offensive Security Exploitation Expert (OSEE) Certification
- Offensive Security Wireless Professional (OSWP) Certification
THOR is proud to be an Affirmative Action/Equal Opportunity Employer. THOR considers all qualified applicants for employment without regard to age, race, ethnicity, color, religion, sex, sexual orientation, gender identity or expression, national origin, genetics, disability status, or status as a protected veteran. THOR complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment. Equal Employment Opportunity (EEO) is the law.
Please be aware that many of our positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens.
Founded in 2009, THOR Solutions, LLC (THOR) is a rapidly growing Center for Veterans Excellence (CVE) verified Service Disabled Veteran Owned Small Business (SDVOSB) providing mission critical support across the Department of Defense, federal civilian agencies and commercial maritime industry, worldwide. THOR provides innovative and tailored expertise in multidisciplinary engineering, project and program management, business and financial management, technical support, integrated logistics support, training support, fleet support, corporate operations support, assessments and studies. THOR is privileged to deliver service solutions to the nations most complex military, public sector and industry challenges.
THOR is proud to be an Affirmative Action/Equal Opportunity Employer. THOR considers all qualified applicants for employment without regard to age, race, ethnicity, color, religion, sex, sexual orientation, gender identity or expression, national origin, genetics, disability status, or status as a protected veteran. THOR complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment. Equal Employment Opportunity (EEO) is the law.
THOR is proud to be a Veteran-Friendly Employer. THOR does not discriminate against a qualified applicant because of their status as a protected veteran, or their relationship or association with a protected veteran. This includes spouses and other family members.
If you are an individual with a disability and would like to request a reasonable accommodation as part the employment selection process, please contact us at recruiting@thorsolutions.us or (571) 215-0077.
If you would like to view a copy of THORs affirmative action plan, please email recruiting@thorsolutions.us.
vebifOlBnz
