Penetration Test Engineer Technical Specialist
Vencore is a proven provider of information solutions, engineering and analytics for the U.S. Government. With more than 40 years of experience working in the defense, civilian and intelligence communities, Vencore designs, develops and delivers high impact, mission-critical services and solutions to overcome its customers most complex problems.
Headquartered in Chantilly, Virginia, Vencore employs 3,800 engineers, analysts, IT specialists and other professionals who strive to be the best at everything they do.
Vencore is an AA/EEO Employer - Minorities/Women/Veterans/Disabled
SETA support for Information Assurance and Penetration Testing activities in support of the IC Customer.
The candidate will support the customer organization by:
- Serving as the Security Compliance and Testing Lead for assigned systems;
- Analyzing IC ITE software and data services for variances from IC security policies;
- Performing network, application, data, and identity penetration testing; and
- Developing vulnerability assessments and reports.
Requires 10 to 12 years with BS/BA or 8 to 10 years with MS/MA or 5 to 7 years with PhD.
- Bachelor’s Degree in Computer Engineering, Computer Science, Electrical Engineering, Information Systems, Information Technology, or a closely related Engineering or IT discipline.*
- 10 years or more of developing, implementing, integrating, maintaining, and evaluating security engineering and security architecture for IT enterprise architectures.
- NIST SP 800-53/CNSS 1253 or network penetration testing experience
- Active Certified Information Systems Security Professional certification (CISSP).
- Active TS/SCI with Polygraph
- * 5 additional years designing, integrating, and maintaining enterprise IT and related mission systems may be substituted for the required Bachelor’s degree.
- Excellent communications, customer-relations, task leadership, and time management skills.
- 5 years or more performing vulnerability assessment for at least one of the following: data-marts, application clouds, desktop and collaboration suites, application distribution and license management systems, access control systems, big-data management and search systems, data transport systems, world-wide networks, IT health and status monitoring systems, IA threat management systems, or ITSM incident and service request management systems.
- Very familiar with at least one of the following: NSA, CIA, NRO, NGA, DIA, DHS, FBI or DoD information security architectures.
- Very familiar with the Federal Information Security Risk Management Framework (RMF).
- Active Certified Ethical Hacker (CEH) certification.
Company Type: Privately Held
Company Size: 1,001-5000