Systems Security Specialist

Job Description

Required Qualifications

• A Minimum eight (8) years of progressive experience in cybersecurity
• A minimum of five (5) years performing penetration testing or red team engagements.
• A minimum of five (5) years conducting network penetration testing, web application and API testing, internal and external vulnerability assessments and threat modeling and attack path analysis
• A minimum of five (5) years developing and delivering formal penetration test reports, including executive summaries and technical remediation guidance.
• A minimum of five (5) years supporting incident response investigations and validation testing.
• A minimum of five (5) years with common penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Wireshark, Nessus, etc.).
• Strong knowledge of Secure coding practices, Application security testing (SAST/DAST concepts), Network architecture and segmentation and Identity and access management concepts
• A minimum of five (5) years of demonstrated scripting or development ability in at least one language (e.g., Python, C/C++, PowerShell, Bash).
• A minimum of five (5) years of working with NIST Cybersecurity Framework, NIST 800-53 or similar federal control frameworks, MITRE ATT&CK and OWASP Top 10
• A minimum of five (5) years of experience mapping findings to security control frameworks.
• At least one recognized offensive security certification (e.g., OSCP, GPEN, GXPN, CEH, or major experience can substitute for certification).
• Demonstrated ability to communicate technical findings to executive and non-technical audiences, and provide actionable remediation recommendations.
• Demonstrated experience working in government or highly regulated environments