Junior Penetration Tester Job at Dark Wolf Solutions, LLC in Ogden

Overview

Dark Wolf Solutions is looking for a Junior Penetration Tester who will plan and perform continuous cross-domain vulnerability assessments, full-scale penetration testing and red team operations. The candidate should be familiar with cloud-based and on-premises Windows, Linux and mobile operating systems and environments and be able to conduct network and application security vulnerability analysis. The role involves analyzing both commercial and federal mission systems to identify potential vulnerabilities and to help provide and implement remediation strategies to customers. The candidate should have experience with multiple facets of penetration testing, using and ideally developing or contributing to both open source and proprietary tools. The role includes conducting open-source research on clients and their infrastructure to help identify data leakage that could lead to vulnerabilities, and leveraging programming knowledge to develop custom tools and exploits for targeting client systems and building internal testing capabilities. The position requires full-time onsite work at Hill Air Force Base in Ogden, UT.

Location: Ogden, UT

Security: US Citizenship and an active Top Secret/SCI security clearance required

Duties/Responsibilities

Candidates may move between projects and participate in either single engagement penetration tests or continuous engagement Red Teams. The role primarily involves leading the technical aspects of long-term penetration testing efforts, conducting varied testing against applications and networks for the federal government. Candidates may be placed on a larger Red Team and develop a continuous campaign-based assessment that emulates a target’s real-world adversaries by developing new tools specific to the target. You will be expected to integrate into ongoing testing efforts, requiring subject matter expertise in multiple vulnerability testing disciplines, the ability to interact with clients, and a strong ability to write and document findings. Travel is required on an occasional basis for onsite testing. The successful candidate will be open to security clearance sponsorship and evaluation.

Required Qualifications

• 3+ years’ experience in three or more areas such as: intelligence analysis, network engineering, networking security, penetration testing, red team operations, hardware/software engineering, exploit development, reverse engineering, vulnerability assessment, physical security assessments, social engineering
• Strong knowledge of testing simulated intrusion attempts and physical penetration testing
• Proficiency in testing and assessing mobile operating systems, embedded systems and/or IoT devices
• Familiarity with unmanned aerial vehicles and related mobile and wireless technologies
• Proficiency with operating systems: Windows, iOS, Android, Mac or Linux
• Proficiency with cloud technologies and deployments: AWS, Azure, GCP
• Moderate competency in at least one scripting and/or coding language
• Working knowledge of software development, preferably with experience collaborating with software development teams
• Experience in network analysis methodologies
• Experience in drafting reports and documenting case details, with ability to summarize findings and recommendations
• Strong written and verbal communication skills
• BS (or equivalent) in Cybersecurity, Information Security, IT, EE, Network Engineering, Computer Science, or related field
• Willingness to travel
• US Citizenship and an active Top Secret/SCI security clearance required

Desired Qualifications

• Familiarity with container technologies, container orchestration and microservices
• Experience with DevSecOps and related tools; preference for Kubernetes and software development pipelines
• Security Certifications: CEH, OSCP, PNPT or similar
• Experience with advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection
• Experience in post-incident computer forensics without destruction of critical data
• Experience ensuring quality assurance and promoting best practices
• MS degree in a technical field
• Security+ Certification

Compliance: This position is located in Ogden, UT. We are an EEO/AA employer and we comply with federal employment laws. All persons hired will be required to verify identity and eligibility to work in the United States.