Penetration Test Engineer
The Penetration Test Engineer will be responsible for assessing customer requirements and operating environment risk and infrastructure vulnerability posture. This position requires a wide range of knowledge of IT/Telecom network infrastructures, operating systems hardware platforms, networking systems and the security vulnerabilities within each category. The qualified individual in this position will attempt to attack customer network infrastructure to discover and exploit security flaws and vulnerabilities with attack simulations, probes for and exploits security vulnerabilities in web-based applications, networks and systems on multiple platforms working against a specific customer-focused scope of work. This position requires a highly technical skill level to assess the risks and vulnerabilities of a network while being able to articulate the issues to a non-IT professional audience. Excellent communication skills, both oral and written are required to provide the reporting information after the tests are completed. When not performing the specific Scanning and Penetration Testing functions, the individual in this position will provide support to the Customer’s Engineering and Cyber team with other security assessments and gap analysis functions.
- Provide technical leadership in the planning, investigation, design, and implementation of physical and logical communications solutions in the lab environment, which emulates the operational network
- Responsibilities include working with managers to document threats and designing security protocols and policies
- Assume the lead role in conducting lab based functional testing and evaluation of Data Communications Network (DCN) topology, physical connectivity, component, and device vulnerability
- Assess the vulnerabilities between data, control, and management planes, layer-0/1/2/3 design schema and its effectiveness in facilitating connectivity
- Perform formal penetration tests on web-based applications, networks and computer systems
- Conduct physical security assessments of servers, systems and network devices
- Design and create new penetration tools and tests
- Probe for vulnerabilities in web applications, fat/thin client applications and standard applications
- Pinpoint methods that attackers could use to exploit weaknesses and logic flaws
- Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
- Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
- Research, document and discuss security findings with the Technical Director, Engineering, and Cyber Leads
- Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
- Provide feedback and verification as an organization fixes security issues
- Create new tests to identify vulnerabilities across several systems
- Use physical security tests and identify areas that need physical protection
- Find vulnerabilities in popular, common software as well as proprietary applications
- Pinpoint entry points for sophisticated adversaries
- Stay abreast of the latest security threats and malware
- Enhance current hardware and software with implementations of better security standards
- Document feedback and reports for review to the Technical Director and Cyber Lead.
- Candidates for this position MUST have a minimum of 10 years’ experience in Ethernet, IP, Optical, and DWDM technology and MUST be able to demonstrate competencies with Lab Configuration, testing and deployment support Ciena, Infinera, Juniper, Cisco platforms with detailed knowledge about implementing IP routing for both IPv4 and IPv6, and a detailed understanding of the protocols surrounding IP service provider networks.
- Skills should include: TCP/IP fundamentals, IP subnetting and supernetting hierarchical routing principles, Routing protocol (OSPF, IS-IS, and BGP-4) operation, migration, and scaling mechanisms, Routing policies at BGP peering points, VPNs and the associated tunneling technologies (L2TP, MPLS, etc.).
- Candidate should also possess strong background and understanding of all MPLS, IGP, IPSEC, 802.1Q, 802.1AE, and failover features/technologies, industry concepts such as SONET to Ethernet conversion, OTN to Ethernet conversion. L3vpn/L2vpn services understanding is also a must.
Security Clearance: Top Secret/SCI Eligible
- Bachelor’s Degree in computer science or information technology or equivalent years of experience;
- Demonstrated knowledge in analyzing and reporting analytical data;
- Strong communication and writing skills;
- Ability to work independently with minimal oversight
- Certified Penetration Tester (CPT)
- Certified Ethical Hacker (CEH)
- Certifications in JNCIP, JNCIE / CCIE or equivalent.
- Electrical and/or mechanical technical background
- Ability to deal with difficult people and problems
- Able to work well in a team environment with strong interpersonal skills
- Attention to detail experience in operating test equipment
- Experience in handling and managing laboratory equipment
- Experience in developing and writing reports
Other Desirable Qualifications/Skills
- Knowledge of cybersecurity practices and regulatory standards/guidance entities as well as cybersecurity frameworks and security control such as; Federal Risk and Authorization Management Program (FedRAMP), Federal Information Security Management Act (FISMA), Federal Information Processing Systems (FIPS) 200, National Institute of Standards and Technology (NIST) 800-xx, Committee on National Security Systems (CNSS) instructions, NIST Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF) and DISA Security Technical Implementation Guides (STIGS)
- Hands-on configuration and troubleshooting of Ciena, Infinera, Juniper, and Cisco systems;
- Demonstrated ability to manage multiple projects and work calmly and cooperatively under pressure
- Knowledge transfer is very key for the lab work environment and will also be an important responsibility for the Engineers
- Certified Expert Penetration Tester (CEPT)
- Certified Cyber Threat Hunting Professional (CCTHP)
- Certified Red Team Operations Professional CRTOP)
- Certified Information Systems Security Professional (CISSP)
- Cisco Certified Network Associate Security (CCNA Security)
- Microsoft Certified Solutions Expert (MCSE)
- Cisco Security+
- Comfortable/Experience in working with, presenting to, and briefing mid and senior level managers
PHYSICAL DEMANDS/WORK ENVIRONMENT The physical demands described are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job. While performing the duties of this job, the employee is frequently required to sit, talk and hear, use hands to keyboard and write. The employee is occasionally required to stand. The employee must occasionally lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, and ability to adjust focus.
ExecuTech Strategic Consulting is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.