Penetration Tester/Ethical Hacker
In this role you shall be responsible for identification of vulnerabilities and pathways for exploit, as noted, but shall also have responsibility for post exploitation recommendations, scripts and other remediation efforts to ensure that vulnerable systems are not left in an exposed state. Recommendations to reduce threat exposure shall also be submitted during the post exploitation and remediation phase.
This work is in direct support to DoDEA where you shall provide expertise to focus in Information Assurance (IA) and Support to Computer Network Defense (CND). The effort shall be focused on continual readiness via:
- Emulation of potential adversaries’ cyber security attack or exploitation capabilities against DoDEA’s Information Systems
- Support to address new and enhanced continual Information Assurance (IA) operational readiness requirements for Department of Defense and US Cyber Command readiness inspections, as required.
- Documentation support for these joint cyber readiness activities.
Search for known vulnerabilities in a system and reports potential exposures.
Penetration Testing efforts in accordance with the NIST SP800-115, “Technical Guide to Information Security Testing and Assessment”, frameworks are designed to expose and exploit weaknesses in a system
architecture or computing environment.
Conduct ethical hacking reconnaissance, scanning, exploitation attacks and in the case of this effort, post-exploitation remediation efforts to meet DoDEA Information Assurance
Continually enhance the DoDEA Information Assurance Readiness posture
Provide subject matter expertise for the purpose of implementing a robust and continual DoDEA IA Program for proactive reconnaissance, scanning, exploitation attacks and post exploitation remediation.
Realizing that DoDEA needs to stay one step ahead of adversaries, the functional responsibilities of this section shall include the following:
- Utilize commercial and open source tools to conduct a global network discovery, reconnaissance and mapping of perceived and actual network boundaries.
- Identify and prepare findings and recommendations regarding ineffective IA technologies in use.
- Prepare weekly and monthly Rules of Engagement (RoE) in advance of scanning/exploitation for submission to, and approval by, the Chief Information Security Officer and CIO/DCIO.
- Coordinate in advance with DoDEA’s Computer Network Defense Service Providers to ensure that false positive incidents are mitigated.
- Daily reconnaissance and scanning assessments in association with preauthorized Rules of Engagement, against CONUS and OCONUS DoDEA Targets.
Daily exploitation attacks, in association with preauthorized Rules of Engagement, against CONUS and OCONUS DoDEA Targets.
- Daily reconnaissance and scanning assessments shall be conducted in association with open source and custom scripted tools
- Reconnaissance activities must be formally documented.
- Create reports and provide briefings on identification of vulnerabilities
- provide recommendations to reduce threat exposure
- At least eight (8) years of professional experience performing information assurance, ISSO or security operations duties in support of federal government agencies.
- Active DOD/DSS TOP SECRET security clearance
- Experience in penetration testing in accordance with NIST SP 800-115
- Experience producing artifacts of daily exploitation, reconnaissance and scanning assessments performed using open source and custom scripted tools. Tools to be utilized include, but are not limited to: BURP Suite, Zap Proxy, Metasploit, SQLMap, SQL Ninja, Kali Linux and other custom, open source and commercial toolsets. Commercial tool based assessments shall not exceed 20% of the overall scan activity in the course of a designated time period.
- CEH certification
- Strong grasp of ethical hacking
- Strong grasp of penetration testing
- Strong grasp of vulnerability assessements
- Must have solid familiarity or awareness with the privacy regulations for Children's Online Privacy Protection Rule (COPPA) and Children's Internat Protection Act (CIPA)