Graham Technologies is hiring Cyber Security SME/Pentester in College Park, MD. We are looking for a candidate who is responsible for performing penetration test on Windows, Linux systems, and Cloud environments.
- Independently perform penetration and malicious user testing on Sponsor’s networks, OS, databases, web applications, and enterprise, both in cloud and on premise.
- Draft a pre-test report indicating all planned testing activities, tools, and expected results.
- Draft a detailed report identifying vulnerabilities found during testing, provide analysis on severity and impact of findings, and recommend mitigations to correct vulnerabilities.
- Demonstrate and maintain proficiency on testing software, specifically: Metasploit, NMap, Wire Shark, Cobalt Strike, Burp Suite, Kali Linux (testing tools), PowerShell Empire, NESSUS.
- Stay up-to-date on latest exploits and security trends.
To land this positions you must have an Active TS/SCI with FS Poly and working knowledge of the below skills
- Demonstrated experience conducting penetration and malicious user testing in cloud environments, including Amazon Web Services, as well as on premise systems.
- Demonstrated experience performing grey and black box penetration testing and system exploitation against servers, applications, operating systems, and security systems to gain root/admin access for highly specialized network systems.
- Demonstrated experience performing reconnaissance, privilege escalation persistence, lateral movement, and payload generation against Information Systems.
- Demonstrated technical experience analyzing vulnerabilities and delivering clear and coherent written reporting identifying network risks and providing mitigation recommendations.
- Demonstrated experience in translating an understanding of systems and applications into security test plans and performing hands-on security testing leveraging adversarial tactics.
- Demonstrated knowledge of Information Security policies and guidance, as well as the ability to assist in researching, evaluating, and developing relevant security policies and guidance.
- Demonstrated technical experience with Linux, Windows, wireless, and virtual platforms.
- At least one active certification from the following: Certified Ethical Hacker, CISSP, OSCP, CEH, CEPT, Security+, CRTOP, CPT, LPT Master, CNDA, or CompTIA PenTest+.
- Demonstrated experience identifying, proving, and reporting vulnerabilities that cannot be identified by scanners or tools.
- Experience performing Red Team, Blue Team Operations.
We’ll pay you a competitive salary commensurate to your experience. Graham Technologies benefits package includes comprehensive health and dental care, life insurance and AD&D, 401(k), up to 27 days of paid time off per year, 10 holidays per year, short and long term disability, education/training assistance, referral program and transportation benefits. We also believe in work to life balance and treating our employees as part of the Graham Tech family. We are looking for employees who want to grow in their career and with our company.
About Graham Technologies
Established in 2007, Graham Technologies provides Information Technology (IT) and engineering support services to the commercial and federal sectors. Through Superior IT support services and application modernization, Graham has assisted customers in achieving their respective goals and objectives; increasing their return on investment (ROI); and maintaining efficiency and effectiveness of their IT solutions. Graham Technologies is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
Are you willing to accept the mission?
Sounds interesting? Start the conversation. Tell us what the next step in your career could be.