OneZero is looking for solutions-oriented professionals to join our diverse team of Cyber Security Specialists supporting a large Government client in the Rosslyn VA and Beltsville MD areas. We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero full-time employees receive an extremely competitive benefits package that includes health/dental/vision/life insurance plans, 401K with company matching, PTO & paid holidays, employee referral program, and educational assistance. Additional details can be found on our website at: https://www.onezerollc.com/careers/

Position Title Penetration Tester

Clearance TS/SCI

Location Beltsville, MD

Responsibilities:

• Perform internal and external pentest against customer networks, enclaves, and external facing web services to identify areas of weakness and define their particular threat landscape
• Assist customers identification, application, and validation of weakness mitigation strategies
• Plan and execute pentest assessments against various technology types, Cloud, Mobility, Web, Wireless, Database, Network and End-Point assets and services, physical and social engineering, etc
• Draft vulnerability and risk assessment reports and briefs to include mitigation recommendations
• Support cyber incident response activities as needed for programs
• Conduct research and training on current and emerging malicious code threats and possible attack vectors

Requirements:

• Active Top Secret with SCI eligibility security clearance
• Bachelor's degree in engineering, computer science, or related technical field. 4 years of work experience may be substituted for a Bachelor's Degree; Associate's Degree plus 2 years of work experience may be substituted for a Bachelor's Degree.
• Years of experience. Demonstrated years of experience will be used to determine the position level (e.g. Mid., or Sr.) for the selected candidate
• Excellent written and oral communication skills a must, with the ability to work independently or as a member of a team
• Proficiency with any three of the tools listed below:
  • Kali Linux
  • Metaspoilt
  • Burp suite
  • Cobalt Strike
  • Tenable Nessus
  • Web Inspect
  • Scuba
  • Appdetective
  • sqlmap
  • Aircrack-ng
• Demonstrated experience in Pen Testing and Vulnerability Assessment
• Professional experience in incident detection and response, malware analysis, or cyber forensics
• Working knowledge of common Pen Test TTPs
• Experience in Python and PowerShell script development
• Familiarity with the MITRE ATT&CK framework
• Familiarity with Cloud concepts

Certifications:

One or more of the following certifications are preferred: PenTest+, CEH, CFR, OSWP, OSEE, GXPN, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, SCYBER, CND