​​​​​​​​Employee Type: Full-Time
Location:  Norfolk, VA
Job Type: Senior Cyber Test Engineer
Experience: 5+ Years​

Clearance Type: Secret (TS Eligible)

AERMOR LLC. is seeking qualified candidates with Cyber Test Engineer experience that will be able to work closely with other members of a test team to help produce test plans for the Navy Red Team (NRT).

Responsibilities Include:

  • ​Observes and assesses fleet and combatant cyber exercises.
  • Develop, maintain and assist in the execution of test plans.
  • Conduct a Cybersecurity architecture (SUT or SoS) review and document review.
  • Participate in cross-functional team meetings, scoping, decision making, and technical discussion.
  • Interface with developers to obtain and clarify documentation.
  • Review system diagrams, cybersecurity architecture, and other documentation analyze testability of requirements, and identify the attack surface and attack vectors.
  • Apply analytical and problem-solving skills to determine appropriate testing scenarios in alignment with the mission as well as functional and technical specifications.
  • Communicate with key stakeholders to ensure their requirements are met.
  • Work closely with Program Office and development teams to stay current on system functionality.
  • Review hardware and software capabilities and vulnerabilities as required to support testing.
  • Conduct Cybersecurity test planning site surveys.
  • Develop cybersecurity test designs to support Operational Test Directors.
  • Identify representative exploitations to fully test the cybersecurity of any system under test.
  • Coordinate with other program elements while conducting security testing.

Required Skills and Experience:

  • Experience decomposing system diagrams, cybersecurity architecture, and other documentation to determine the potential attack surface and attack vectors.
  • Experience with software and/or hardware testing.
  • Demonstrated ability to organize, prioritize, and self-manage multiple project tasks.
  • Proficiency with computer hardware and software systems.
  • Knowledge of Microsoft and Linux operating systems and embedded and Real-Time Operating Systems.
  • Ability to articulate open issues and risks in a timely manner to management and make recommendations.
  • Must be a self-starter with the ability to pick up and learn new systems and architectures with little supervision, as well as to adapt to a variety of situations and tasks.
  • Excellent written and verbal communication skills.
  • Identify insider and nearside threat opportunities and mitigations as well as physical security controls.
  • Familiarity with computer security measures.
  • Experience with test automation.
  • Experience with Defense Information Systems Agency (DISA) Security Implementation Guides (STIGs) and security controls.
  • Knowledge of Cyber test tools (e.g. Retina, SCAP, ACAS, Nessus, Metasploit, Burp, Nessus, Kali Linux Tool Suite, Core Impact, Burp Suite, IDA Pro, OllyDbg/WinDbg, Nmap, John the Ripper, Cain, Nikto, and packet analysis tools (Wireshark/TCPDump)).
  • Familiar with the Risk Management Framework.
  • Knowledge of domain structures, user authentication, data encryption, access audits, and end-user security best practices.
  • Knowledge of data at rest and data in motion principles.
  • Knowledge of network defense systems including but not limited to network and host-based IDS, IPS, firewall, web application firewall, proxy, and SIEM systems.
  • Understanding of SCADA systems and protocols.
  • Knowledge of current security tools and industry best practices: tools, techniques, procedures, tactics, attacks, and forensics.
  • Understanding of storage and databases, including relational databases, database management systems, enterprise storage solutions, and security concerns specific to these technologies.
  • Experience with system administration, networking, Computer Network Attack (CNA), Computer Network Exploitation (CNE), Computer Network Defense (CND), and/or penetration testing.
  • Understand fundamentals of how to exploit vulnerabilities in tested systems including (but not limited to): system misconfigurations, zero-day vulnerabilities, Denial of Service (DoS) or Distributed Denial of Service (DDoS) vulnerabilities, privilege escalation, unsupported or unpatched software, and phishing attacks.


  • Knowledge of DoD/Navy networks and communications.
  • Experience with TCP/IP, VLANs, Cyber vulnerability remediation, and Cyber risk analysis.
  • Familiarity with the DISA Enterprise Mission Assurance Support Service (eMASS) application as used to develop, manage and track IA artifacts.
  • Familiarity with Information Assurance Vulnerability Management (IAVM) Plan.
  • Knowledge of scripting and its uses in Cyber testing.
  • Experience translating requirements and capabilities into operational test plans.
  • Knowledge and experience with Virtual Machines.
  • Knowledge and understanding of system BIOS settings.

Education Requirements

  • 4 Year Degree in one of the following: Computer Science, Computer/Electrical engineering, Systems Engineering (technical), Aeronautical engineering OR
  • ​Minimum 2 years of DoD cybersecurity experience AND Minimum 2 years’ experience in one of the following: Network engineering, Programming (C/C++, python, Bash, etc.), Systems test engineering, Project management, Penetration testing.
  • ​DoDD 8570 IAM/IAT II certification or ability to obtain.

Apply Now​

For more information contact: careers@aermor.com

Cyber Test Engineer