Cloud Penetration Tester - Subject Matter Expert (SME)

Responsibilities:

Peraton is looking for an experienced Cloud Penetration Tester, Subject Matter Expert to become part of Peraton’s Department of State (DoS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective and secure business processes.

Location: Rosslyn, VA. This role supports the Penetration Testing (Red Cell) Team.

Position Description:

Design, plan and perform testing of cloud systems to satisfy the NIST 800-53 CA-8 security controls and using methodologies that may include, NIST SP 800-115, Penetration Testing Execution Standard (PTES), and Information Systems Security Assessment Framework (ISSAF).

Work with the Red Cell leadership to provide support on and/or lead cloud assessments from beginning to completion including meeting with systems owners, scoping assessments, delivery of assessment reports, briefing system owners and stake holders.

Performs leadership support on cloud implementations, network infrastructure, and operating system infrastructures.

Organize and lead efforts that document and design improvement strategies for discovered vulnerabilities and monitoring gaps.

Produce reports and conduct management briefings on test activities, scenarios, results and recommendations with personnel around the globe.

Stay abreast of current attack vectors and unique methods for exploitation of computer networks.

Provide support to incident response teams through capability enhancement and reporting.

Evaluating cloud system security configurations and recommend enhancements.

Provide mentoring and guidance to senior, mid, and staff members by creating and teaching latest techniques in ethical hacking and vulnerability analysis.

Securing, testing, having a good understanding of Cloud vulnerabilities and how to address them

#DSCM2022

Qualifications:

Required:

Bachelor’s degree and a minimum of 14 years’ of relevant experience. An additional 4 years of experience may be substituted in lieu of degree.

Experience with Burp Suite Pro or Zap, including identification and usage of relevant plugins preferred

Experience with security assessment tools, including Nessus, Metasploit, or Cobalt Strike

Well-rounded background in application, network, cloud, and system security

Experience with conducting penetration and malicious user testing in Cloud environments, including Amazon Web Services (AWS), Azure, GCP, and, on premise systems.

Proficient in evaluating cloud system security configurations.

Has expertise in evaluating findings and performing root cause analysis.

Understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.

Must possess one of the following certifications:CASP+ CE

CCISO

CCNA Cyber Ops

CCNA-Security

CCNP Security

CEH

CFR

CISA

CISM

CISSP (or Associate)

CISSP-ISSAP

CISSP-ISSEP

Cloud+

CySA+

GCED

GCIA

GCIH

GICSP

GSLC

SCYBER

U.S. Citizenship required with an active Top Secret clearance before start date.

Desired:

Industry certifications such as OSCP, GCPN, CCSP, OSWE, GPEN, GCIH, GWAPT, or GXPN

Experience with server administration, TCP/IP networking, vulnerability identification and exploitation, vulnerability exploit code development, offensive security operation coordination and communication, vulnerability tracking and remediation, mobile testing

Peraton Overview:

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit (url removed) to learn how we’re keeping people around the world safe and secure.

Target Salary Range:

$112,000 - $179,000. This represents the typical salary range for this position based on experience and other factors.

Permanent