Enterprise Information Services, Inc.

  • Red Team Developer Subject Matter Expert

    Job Location US-VA-Quantico
    ID
    2018-3714
    # of Openings
    1
    Targeted Job Start Date
    4/1/2019
  • Overview

    This position provides operational network exploitation and cyber threat emulation/penetration testing support towards local area network and wide area network systems. This position involves conducting and reviewing incident/event investigation and analysis, assessing network vulnerabilities, security engineering, validation testing of system configuration/hardening, and assessment of classified Information Systems (IS).

    Responsibilities

    • Promote awareness of security issues among management and ensure sound security principles are followed.
    • Evaluate detect, prevent, respond capabilities across each phase of an attack lifecycle
    • Participates with the client in the strategic design process to translate security and business requirements into technical designs.
    • Identify Exploitable Vulnerabilities. Support security posture assessments.
    • Test the current state of cyber security but also continuously challenge the plans, defensive measures and security concepts/policies
    • Improve counter measures against future threats
    • Provides timely updates to the Vulnerability Management System (VMS) to ensure accurate assessment of network status at all times.
    • Challenge the current security policies.
    • Using custom applications, test the readiness of the quick reaction teams, CSIRT and CERT, of the security departments and of the security engineers
    • Using penetration testing test the readiness of infrastructures and security teams
    • Oversees the adequate assessment of all identified risk(s) and the generation of a mitigation plan.
    • Leads, supports, and/or facilitates security assessments of new or modified hardware, operating systems, and software applications ensuring integration with IA security requirements.
    • Develops, recommends and implements incident response procedures and technologies to identify, assess, and ensure the appropriate response to threats and vulnerabilities.

    Qualifications

    • BS degree from an accredited institution, or 8 years of experience in lieu of degree.
    • At least five years of experience performing various assessments (penetrations tests of systems and networks within a DOD Network Environment of enclave).
    • At least five years of experience developing exploit code for network and system penetration testing.
    • At least five years of experience performing penetration testing of web applications
    • At least five years of experience developing specialized applications for the assessment and security testing of web applications.
    • At least five years of experience developing and maintaining custom applications that exploit known system vulnerabilities or system mis-configurations to configurations to gain system command and control during red team operations.
    • Knowledge DOD security controls to include DISA Secure Technical Implementation Guidelines (STIG) and the DOD IA Certification and Accreditation Process and Risk Management Framework (RMF).
    • TS/SCI clearance
    • Possess IAT Level III certification; One of the following certifications required - CASP CE, CCNP Security, CISA, CISSP, GCED, GCIH.

    EIS is an Equal Opportunity Employer/M/F/V/Disabled.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed