Conduct application and network layer penetration tests on various IT environments. Conduct red teaming activities, including physical security penetration testing. Perform independent pen testingutilizingnumerouspenetrationtesti ng tools andleveragingmainly manualtechniques, typically testing willnecessitatesource code analysis. Write risk prioritized finding reports, debrief system owners and consult on remediation options. Retest security vulnerabilities that have been identified as fixed to verify remediation Contribute to pen testing, red teaming, tooling, and reportingmethodologyenhancements. Evaluate effectiveness of defensive countermeasures and consult with blue teams to help improve detection methods and capabilitiesrequiredfor situational awareness. Perform exploitation analysis and authors exploitation tools/techniques. Experience performing. ACAS and. Open. RM - Fcompliance scans for classified networks,identifyingweaknesses and reporting results toexternal organizations. Experience with secure software development lifecycle and large-scale computing environments. Experience working with Information Security principles, policies, and industry best practices including the Critical Security Controls (CIS), Open Worldwide Application Security Project (OWASP), Top 10 and. Mitre. Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework. Experience working with Authentication and Authorization Controls. Experience working with common server applications such as Internet Information Services (IIS), Apache, Lightweight Directory Access Protocol (LDAP), Tomcat, and Secure Shell (SSH)Experience working with common network protocols such as. Hyper. Text. Transfer Protocol/ Hyper. Text. Transfer Protocol Secure (HTTP/ HTTPS), Transmission Control Protocol/ Internet Protocol (TCP/ IP), and User Diagram Protocol (UDP)Basic Qualifications (Required Skills/ Experience):This position requires an active U.S. Top Secret Security Clearance with SCI eligibility (U.S. Citizenship Required). (A U.S. Security Clearance that has been active in the past 24 months is considered active)9 or more years' related work experience or an equivalent combination of technical education and experience 1 years of experience in server administration and file management structure 1 years of experience in programming experience in Python, PHP, Perl, Ruby, .NET, or other interpreted or compiled languages 1 years of experience in penetrating testing and vulnerability assessments using manual techniques and vulnerability testing tools (including scanners, sniffers,fuzzersand exploit tools such as Burp, Nmap, Kali and Metasploit)Experience leading andconductingvulnerability assessments and penetration testing of target systems and environments for multiple and undefined interfaces. Experience performingassessment planningand analyzingarchitecture and system functionality for a broad range of technologies. Experience configuringand conductingautomated scanning and manual testing. Preferred Qualifications (Desired Skills/ Experience):Bachelor’s degree or higher in Engineering or STEM related field. Experience developingsecurity control plan implementations across 10 NIST SP 800-53 control families for ATO submission supporting mission critical systems for a United States Space Force Space Operation Center. Experience reviewingandadjudicating. RMF ATO artifacts, including thesoftware Assurance plans,trustedfiletransfer plan, RBAC matrix, and Vulnerability and Patch Management Plans. Experience evaluatingsystem security configurations. Experience configuringand conductingautomated scanning and manual testing. Conflict of Interest:Successful candidates for this job must satisfy the Company’s Conflict of Interest (COI) assessment process.