AERMOR LLC

Junior Penetration Tester (SME I)

​​Employee Type: Full-Time
Location: Suffolk, VA
Job Type: IT Specialist 
Experience: 2+ Years
Clearance:  TS/SCI
Work Allocation: On-Site

​
AERMOR LLC is seeking qualified candidates to provide technical and analytical support for FCC OCA in support of all OCA inspections. Candidates shall perform a wide variety of technical support services and functions required to meet the mission of FCC OCA to enhance overall DoDIN-N readiness and security.

Responsibilities Include: 

• ​Support during CCORIs will include areas such as information technology (IT), Platform IT (PIT), Supervisory Control and Data Acquisition (SCADA), Weapon Systems, Hull, Mechanical and Electrical (HM&E), Combat & Integrated Warfare Systems (C/S), and other additional technology areas as directed by JFHQ-DODIN under the CCORI program.
• Utilize a variety of techniques and tools, such as surveillance, close-access operations, and penetration testing to discover cybersecurity flaws and vulnerabilities and shall provide the following:​ 
  
  • Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
  
• Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel
  
• Recognize and safely utilize attacker tools, tactics, and procedures.
  
• Develop scripts, tools, or methodologies to enhance cyber threat emulation processes.
  
• Provide hands-on expertise on-site and remotely, using manual and automated processes.
  
• Utilize knowledge of cyber threat emulation and penetration testing principles, tools, and techniques.
  
• Conduct remote and on-site operations to assess an organization’s cybersecurity posture and defensive cyberspace operational effectiveness against an opposing force and maintain related artifact documentation.
  
• Develop and evolve scenarios, capabilities, and Tactics, Techniques, and procedures (TTPs) based on known threats to the DoDIN, new technologies, previous inspection analysis, and lessons learned.
  
• Conduct post-inspection sanitization, analysis, and reporting.
  
• Develop and maintain threat assessment SOPs, checklists, and guides associated with CTE in cybersecurity inspections/assessments.
  
• Experience in exploitation and vulnerabilities associated with most common operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.).
  
• Manage the multi-domain/multi-forest Active Directory to support operations.
  
• Simulate sophisticated cyberattacks to identify vulnerabilities.
  
• Ensure inspection data is captured, collected, and archived in Government data repositories. Provide post-inspection reports, storyboarding, analysis and trending, and lessons learned.
  

​
Required Skills and Experience: 

• Minimum of two (2+) years’ experience in DoD Network Operations or IA operations to include Local Area Network (LAN) administrator experience. The position will primarily require the candidate to work with a team of penetration testers, helping to conduct varied testing efforts against applications and networks both for the federal government.
• Integrate into ongoing testing efforts, requiring subject matter expertise in multiple disciplines of vulnerability testing and assessment, the ability to interact and liaison directly with clients, and a strong ability to write and document findings.
  
• DoD 8570.01-M IAT Level II Certification OR CSSP Auditor OR CSSP Analyst.
  
• One of the following certifications: CEH, CySA+, GCIH, GCIA, GSNA, GICSP, CISA, CFR, SCYBER.
  
• Education: Minimum of Associate’s degree in a related field, or equivalent education or experience and related training.

Apply Now

​

For more information contact: careers@aermor.com