At ShorePoint, we recognize that what we do for our customers is critical, complex and often intense. Our team-oriented culture promotes creativity and collaboration in a fun and relaxed work environment.

ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers.

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a Vulnerability Assessment Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Vulnerability Assessment Engineer will perform comprehensive assessments that produces actionable security recommendations that are tailored to the assessed environment, to include vulnerability assessment and vulnerability management. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.

What you’ll be doing: 

  • Work closely with target organizations to ensure full comprehension of the standard security controls; conduct site visits as required
  • Assist with security controls compliance assessments using established matrixes of tailored control and provide expert support in assessments of target organizations
  • Provide support to Vulnerability Management programs
  • Provide support to assessed organizations to ensure proper tracking of Plan of Action and Milestone (POA&M) items
  • Provide support and conduct annual reviews of the security controls (or some subset of the security controls) to ensure continued compliance as requested
  • Assist with establishing footholds on endpoints within monitored organizations networks to provide day-to-day visibility into the security posture
  • Provide expert support for the development and maintenance of develop of processes and best-practices for evaluating A&A data through a standard scorecard
  • Utilize industry standard tools for automating the review of system configuration and security control compliance
  • Conduct periodic NIST controls assessments in support of network authorization and continuous monitoring
  • Provide detailed observations from controls assessments in the form of Security Assessment Report (SAR) and Risk Assessment Report (RAR) documents
  • Employ a scan-patch-scan methodology to ensure all systems identify and receive appropriate security patches
  • Conduct vulnerability scanning using industry standard tools (e.g., Tenable Nessus) on a weekly to bi-weekly basis
  • Report scan result data to appropriate system administrators to aid in the deployment of system updates and patches
  • Develop a mitigation plan detailing a prioritized timeline for patch deployment (e.g., 30-60-90-day patch deadlines based on each finding’s severity level)
  • Conduct false positive analysis and vulnerability analysis to determine the legitimacy of all detected vulnerabilities as well as prioritize their remediation
  • Configure the identified application to effectively ingest, process, and report vulnerability data collected during assessments as well as data provided from organizations’ self-assessments
  • Conduct long term trend analysis, identifying improvements or degradations in system security posture across the enterprise
  • Provide dashboard views of data roll-ups from all facets of assessed systems (e.g., risk, vulnerability data, POA&M status) to present high-level executive summary reports to government leadership

What you need to know:

  • Ability to conduct Vulnerability Assessments using industry tools – NESSUS, Tenable, etc. Experience with Tenable (Tenable.io or Tenable.sc) in an enterprise environment highly preferred.
  • Experience in vulnerability management strategies, standards, procedures and technologies across infrastructure and application-level vulnerabilities.
  • Experience scanning Windows, RHEL and Centos Operating Systems and troubleshooting scans, to include the ability to communicate with customers daily describing the results of scans
  • Experience scanning Virtual environments to include VMware vSphere infrastructures,
  • Network devices, Databases (Oracle, MSSQL, MySql, Postgres), and websites web with tenable.sc
  • Intermediate to advanced knowledge of the following platforms in an enterprise environment: Windows and RHEL, routing, switching, IDS, IPS, Firewalls
  • An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, application flow charting, and session analysis.

Must have’s:

  • Bachelors in Cybersecurity, Computer Science/Electrical Engineering, Engineering, or IT
  • Top Secret with SCI eligibility and ability to pass a Counterintelligence (CI) polygraph
  • Shall possess one or more of the following certifications: (ISC)2 Certified Information Security Professional (CISSP), ISACA Certified Information Systems Auditor (CISA), SANs GIAC certification (e.g., GPEN or GW APT), and EC-Council Certified Ethical Hacker (CEH)

Beneficial to have the following:

  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
  • Comprehensive knowledge in the one or more of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security
  • Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 rev 5 and the ATO process
  • Ability to research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits

Where it’s done:

  • Washington, D.C

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

Who we’re looking for:

We are seeking a Business Analyst who has experience providing support in a dynamic, fast-paced environment within the public sector. The Business Analyst will support the growth of a newly awarded program and the company. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.

What you’ll be doing: 

  • Provide consulting support services to clients related to the architecture and policy of enterprise ICAM deployment
  • Conduct evaluations of existing ICAM technical approaches
  • Evaluate and establish ICAM program governance and stakeholder engagement mechanisms
  • Conduct risk management assessments of critical assets and develop strategies for their protection
  • Develop point papers and presentation slides to describe ICAM challenges and solutions to executive leadership.
  • Develop and operationalize program performance metrics and reporting mechanisms in support of Identity Management Programs

What you need to know:

  • Experience creating Swim Lane diagrams
  • Experience with MS Visio to capture and present stakeholders’ ideas effectively
  • Ability to understand and capture technical concepts and convert to user stories
  • Ability to interface directly with customer
  • Experience defining current business process and workflow
  • Experience within Azure AD
  • Thorough knowledge of NIST 800-63
  • Thorough understanding of OpenID connects (OIDC) and SAML
  • Ability to understand and capture technical concepts and convert to user stories
  • Ability to author pages in the modern SharePoint experience
  • Understanding of Modeling and architecture
  • Experience defining current business process and workflow

Must have’s:

  • Bachelor’s degree in a Technical Discipline – Computer Science, Mathematics, or equivalent technical degree
  • 2-4 years of experience
  • Ability to obtain agency required security clearance

Beneficial to have the following:

  • Experience creating UML diagrams

Where it’s done:

  • Herndon, VA and remote

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

 

The perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

 

Who we’re looking for:

We are seeking a Cybersecurity Program Manager who has experience providing support in a dynamic, fast-paced environment within the public sector. The Cybersecurity Program Manager will have an opportunity to shape the growth of the company by to provide unparalleled support to our customer through strategy formation, policy development, performance and project management and technical support. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.

 

What you’ll be doing:

The Cybersecurity Program Manager will be responsible for providing subject matter expertise, advisory support, program management, program analysis and reporting, documentation, and strategic planning and overall management. Provide strategic advice, technical guidance and expertise to program and project staff; provide detailed analysis, evaluation and recommendations for improvements, optimization development, and/or maintenance efforts for client-specific or mission critical challenges/issues; consult with client to define need or problem; supervise studies and leads surveys to collect and analyze data to provide advice and recommend solutions.

 

What you need to know:

  • Possess critical thinking and problem-solving skills
  • Strong general background in cybersecurity and able to advise on a number of topic areas including threat intelligence, incident investigation, vulnerability management, etc.
  • Excellent written and verbal communication skills
  • Demonstrated stakeholder management experience
  • Technical background providing cybersecurity professional services
  • Ability to provide advisory support to senior level cybersecurity personnel

Must have’s:

  • 10 years of experience
  • Master of Arts OR Master of Science
  • Active Top Secret Clearance with Sensitive Compartmented Information (SCI)

Beneficial to have the following:

  • Project Management Professional (PMP) Certification
  • Additional Cybersecurity related certifications

Where it’s done:

  • Arlington, VA and remote

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

 

The perks: 

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

 

Who we’re looking for:

We are seeking a Cybersecurity Solutions Architect who has experience providing support in a dynamic, fast-paced environment within the public sector. The Cybersecurity Solutions Architect will have an opportunity to shape the growth of the company by effectively gathering and managing customer requirements. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.

 

What you’ll be doing:

Engage with ShorePoint customers to leverage technical understanding of Cybersecurity to create and apply solutions aligned to the client’s mission. Apply advanced consulting or extensive technical expertise and full industry knowledge within Cybersecurity and Data Analytics. Develop innovative solutions to complex problems. Work without considerable direction, mentor and supervise team members

 

What you need to know:

  • Perform as a technical solutions expert in designing, implementing, and maintaining the organization’s application systems and/or IT infrastructure for highly complex systems
  • Provide an architectural framework for information system development, maintenance, and enhancement efforts
  • Understands user and process requirements and ensure those requirements can be achieved through high quality deliverables
  • Collaborate with management, developers, and engineers to develop road maps for applications, align development plans, and to ensure effective integration among information systems and the IT infrastructure
  • Monitor technological advancements to ensure that solutions are continuously improved, supported, and aligned with industry and company standards as well as emerging business requirements
  • Perform solutioning for On-Premise and Hybrid Cloud Architecture
  • Cloud Services Integration experience (AWS, Azure or GCP)
  • Experienced with Cyber Data processing and cyber security event management
  • Data Flow Architecture development experience
  • Data Taxonomy, tagging, and enrichment processing experience
  • Queueing technology architecture/implementation ( e.g kafka, redis, rabbitmq)
  • Cyber Data Warehousing at scale ( hadoop, apache – spark/ storm)
  • Extract Transform Load Technology or Api development experience (python, logtsash,nifi, cribl, splunk uf)
  • Configuring system to comply with government auditing policy requirements (M-21-31, NIST 800.53, ICS-500-27)
  • Enterprise audit or cyber security SIEM architecture and integration experience (Splunk, Arcsight, ELK)
  • Knowledge of the interactions between systems, applications, and services within the environment, and evaluate the impact of changes or additions for highly complex systems
  • Analyze systems and perform usability testing to ensure performance and reliability, enhance scalability, and meet security requirements
  • Identify solutions to business requirements via reasoned application of Cybersecurity and Data Analystics. These solutions are presented in the form of IT architectures and include processes, services, and systems

Must have’s:  

  • At least 5 years of experience in IT or cybersecurity environments
  • Bachelor’s degree in technical field
  • Ability to obtain agency level clearance

 

Beneficial to have the following:

  • Cybersecurity related certifications preferred

 

Where it’s done:

  • Herndon/Reston, VA and Remote. Ability to travel up to 10%

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

 

The perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

 

Who we’re looking for:

We are seeking a Cloud Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Cloud Engineer will have experience designing and implementing cybersecurity services in a cloud environment within the federal market. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.

 

What you’ll be doing:

  • Able to create and deliver presentations and demonstrations to both technical and non-technical audiences
  • Be familiar with Agile/Scrum methodologies and best practices to engage with leadership and government clientele on project development
  • Have extensive experience with monitoring tools such as Elasticsearch, Splunk, CloudWatch, etc. to engage with project monitoring and incident response activities
  • Working with a multi-tenant platform and working with tenants to understand requirements
  • Has a thorough understanding of data transit between APIs (data ingest, indices frameworks), data normalization and cleansing concepts, and the networking and software implications
  • Experience in ephemeral software concepts and tooling, including but not limited to: docker, ECS/EKS, and Fargate
  • Be able to navigate an AWS cloud environment and utilize the different offerings.
  • Be able to leverage Infrastructure as Code (IaC) tools such as CloudFormation, Terraform, etc. to structurally automate build requisite infrastructure
  • Be familiar with configuration management tools such as Ansible, Chef, ect.
  • Be familiar with version control systems such as Gitlab, Github and Bitbucket.
  • Leverage scripting languages such as Bash, Python, JavaScript, PowerShell, JSON, YAML, etc. to interface a variety of tooling together into a comprehensive package wherever applicable
  • Be able to leverage Docker toolset to design, implement and deliver containerized services, troubleshoot failure modes, and resolve system/architectural issues
  • Have familiarity with implementing STiGs and other security requirement guides to harden both Windows and Linux operating systems
  • Be able to create and maintain custom Amazon AMIs that incorporate DoD STIG requirements
  • Integrate multiple software products across cloud and hybrid environments
  • Closely coordinate and communicate with team as well as sponsors for effort
  • Ability to brief and engage directly with sponsors and their supporting staff regarding technical support work and architecture design of cloud environments

 

What you need to know:

  • Experience with information security/information assurance policies, principles, and practices (NIST Special Publications: Risk, Security, and Privacy as a basis) in cloud environments including network firewalls, access control lists, encryption, auditing and monitoring, and compliance scanning
  • Familiarity with FedRAMP, the MITRE ATT&CK framework and other security frameworks is beneficial

Must have’s:  

  • 5 years of experience in AWS, supporting cloud native and Linux-based applications and environments
  • 5 years of cloud-native networking, with a focus on high availability, scalability, and elasticity
  • 7 years of management and administration in enterprise cloud and hybrid environments
  • Must be a U.S. Citizen and have an ability to obtain and maintain a clearance

Where it’s done:

  • Fairfax, VA and Remote

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

 

Who we’re looking for:

We are seeking a Data Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Data is responsible for expanding and optimizing data and data architecture, as well as optimizing data flow and collection for cross-functional teams. Additional position activities include supporting software developers, database architects, data analysts and other program teammates to achieve data initiatives and ensure optimal data delivery architecture is consistent throughout ongoing projects within the federal market. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.

 

What you’ll be doing:

  • Extensive experience as a data engineer or comparable discipline in a government environment
  • Building infrastructure required for extraction, transformation, and loading of data from a wide variety of data sources
  • Advanced applied knowledge and experience working with relational databases, query authoring, as well as working familiarity with a variety of databases
  • Experience building and optimizing data pipelines, architectures and data sets
  • Administers Security Data Integration Platform
  • Conducts parsing/normalization of all data feeds
  • Documents and automates parsing of tools/versions within inventory catalog
  • Investigates/correlates new data feeds for inventory and data source updates
  • Provides site-specific data platform technical reach-back and guidance for site administrators
  • Experience with Agile management and associated tools
  • Self-starting and able to drive projects to completion in a fast-moving environment
  • Solid communications skills, both written and verbal
  • Able to create, discuss and explain technical documentation
  • Ability to function effectively as part of a high-performance team

What you need to know:

  • Experience troubleshooting issues related to data connections and/or data sources
  • Familiar with NISTIR 8112
  • Multi-cloud (AWS, Azure, Google, and/or other SaaS providers) and on-premises data integration experience
  • Experience with one or more queuing technologies

 

Must have’s:  

  • Must be a U.S. Citizen and have an ability to obtain and maintain a clearance
  • Bachelor’s Degree in a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience
  • Minimum of 5+ years of experience sourcing, connecting, and assembling large, complex data sets

 

Where it’s done:

  • Herndon, VA and Remote

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

 

The perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

 

Who we’re looking for:

We are seeking a Elastic SIEM Cyber Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Elastic SIEM Cyber Engineer has experience managing an Elastic Cloud Enterprise & Elasticsearch platform in the federal market. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.

 

What you’ll be doing:

  • Elastic SIEM solution development, integration, platform architecture, and capacity planning in mission-critical environments
  • Deploying additional Elastic clusters using infrastructure as code (Ansible playbooks)
  • Maintain, secure, and upgrade ECE deployments
  • Integrate log and sensor data into ELK
  • Data modeling, query development and optimization, cluster tuning and scaling with a focus on fast search and analytics at scale
  • Streamline cybersecurity tactics, techniques, and procedures
  • Create dashboards and reports in ELK
  • Leverage data analytics can machine learning algorithms for cyber operations
  • Provide adoption awareness and training for the ELK SIEM
  • Working with a multi-tenant platform and working with tenants to understand requirements
  • Providing subject matter expertise to assist the rest of the team in their roles

 

What you need to know:

  • Knowledge of planning and executing data retention and life cycle management plans
  • Hands-on experience administrating Elasticsearch clusters (10+ Data nodes)
  • Knowledge of information retrieval and/or analytics domain
  • Experience with load balancing, DNS, TLS certificate generation and SAML integration.
  • Experience working with data solutions in a public sector
  • Excel at working directly with customers to gather, prioritize, plan and execute solutions to customer business requirements as it relates to our technologies
  • Familiar with SOC operations, open-source security frameworks, and Linux

Must have’s:  

  • 4+ years of experience with IT with a focus in Linux sysadmin, databases, containers or cyber operations
  • 3+ years of experience with hands on operations of sizing, monitoring, and management, and open-source tools, including Kafka, Logstash, Beats, Elasticsearch, Kibana and Splunk

Where it’s done:

  • Alexandria, VA and Remote

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

 

The perks: 

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

 

Who we’re looking for:

We are seeking a Penetration Tester who has experience providing support in a dynamic, fast-paced environment within the public sector. Our Penetration Testers will have strong familiarity providing Cybersecurity assessment services utilizing a multitude of cyber tools, proven methodologies, and industry best practices in the federal market. This is a unique opportunity to shape the growth, development, and culture of an exciting and emerging company in the cybersecurity market. This position provides the opportunity to travel to client sites both locally and nationally.

 

What you’ll be doing:

As part of the Cyber Assessments team, provide cybersecurity scanning and testing services, threat intelligence integration to provide cybersecurity customers with findings and information that informs the risk management and decision-making processes.

 

What you need to know:

  • Knowledge of host identification and exploitation of vulnerabilities
  • Knowledge of phishing procedures
  • Knowledge of script writing and crafting of payloads
  • Knowledge of database operations and system/network administration
  • In-depth knowledge and understanding of operation of assessment tools (including but not limited to Metasploit, Nmap, Burp Suite, Powersploit, and Cobalt Strike)
  • Ability to operate in a critical fashion in dynamic environments
  • Knowledge of FISMA and NIST 800 series standards
  • In-depth knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing
  • In-depth knowledge of the procedures of Phishing Assessments, Wireless
  • Assessments, Operating System Security Assessments, and Database Assessments
  • Coordinates assessment equipment, including ensuring images on assessment equipment are up to date, equipment transport, setup and tear-down of equipment on-site, and general maintenance
  • Operates assessment tools, under the direction of the Government
  • Assists the IT Security Expert Level II with development of documentation and reporting for coordination of Assessment report in accordance with the appropriate report template at the direction of the Government

Must have’s:

  • Bachelor’s Degree in related field
  • Minimum of 2 years operational experience
  • At least one of the following: OSCP, OSCE, GPEN, GXPN, or equivalent
  • All personnel must have at least a PUBLIC TRUST clearance and pass a federal background check

 

Where it’s done:

  • Herndon/Reston, VA and Remote with up to 25% travel

Applicants have rights under Federal Employment Laws. For more information please see:

Family and Medical Leave Act (FMLA) Poster

Equal Employment Opportunity (EEO) Poster

Employee Polygraph Protection Act (EPPA) Poster