RCT Systems is seeking a penetration tester who will successfully perform vulnerability assessments and penetration testing following the customer’s prescribed scope statement with authorities derived from the customer’s Enterprise cyber security organization. The ideal candidate must display familiarity with Windows and Linux Mobile operating systems and be able to conduct network and security vulnerability analysis. Specifically, the candidate will analyze mission systems to help assess vulnerability compromise from adversaries. The successful candidate must have prior experience with scope defined penetration testing using mainly open source tools. Conducts research and evaluates technical and all-source intelligence with specific emphasis on user behavior and patterns in a dynamic and changing mission environment. Analyzes technical and non-technical data and metadata to determine normal patterns of events, proactively identify abnormalities, and determine root-cause of abnormalities. Correlates threat data from various sources. Prepares assessments and presentations of analyses and findings. Develops and maintains analytical procedures to meet changing requirements and ensure maximum operations. Collects data using a combination of standard intelligence methods and business processes. Produces high-quality papers, presentations, recommendations, and findings for senior officials.
- BS (or equivalent) in Cybersecurity, Information Security, IT, EE, Network Engineering, Computer Science, or related field
- Six (6) year’s experience in three (3) or more specific areas to include: analysis, network engineering, networking security, penetration testing tool, red teaming, hardware engineering, software engineering, vulnerability assessment tools (OS, web, database) etc.
- Familiarity of various operating systems: Windows, iOS, Android, or Linux
- Proficiency with at least three (3) or more of the following: mobile security, telecom protocols, operating systems, reverse engineering, forensics, network analysis, vulnerability assessment or malware.
- Scripting or coding experience
- Working knowledge of software development
- Experience in network analysis methodologies
- Experience in drafting reports, documenting case details, and able to summarize findings and recommendations based on system analysis.
- Demonstrated strong written and verbal communication skills
- Security Certification: CEH, GIAC or equivalent pen testing cert.
- TS/SCI with Poly
- MS degree in technical field
- Familiarity with Wireshark, Fiddler, EnCase, Sleuthkit and similar tools
- Experience employing advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis
- Desired security certification: examples include OSCP, CEH, CISSP, or Security+
- Law Enforcement/Cyber Forensics experience
- Experience in performing post-incident computer forensics without destruction of critical data.
- Experience in Malware Analysis and Reverse Engineering.
- Experience with Splunk, ArcSight, HP Openview, FireEye, Solar Winds, Wed Sense
- Desired experience ensuring quality assurance and the spreading of best practices
- Experience with operational communications
RCT Systems is an Equal Employment Opportunity Employer. Qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin disability or protected veteran status.