Penetration Tester (Cloud)

Gray Tier Technologies

Penetration Tester (Cloud)

Ashburn, GA
Full Time
Paid
  • Responsibilities

    Gray Tier Technologies is looking for a Penetration Tester to support Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) which is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.

    Primary Responsibilities:

    • Perform cloud pentests and act as the cloud pentesting SME for the team

    • Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.

    • Perform web app pentests

    • Perform vulnerability risk assessment

    • Perform physical pentests and social engineering

    • Perform cyber incident response as needed for programs

    • Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.

    • Perform web app pentests

    • Perform vulnerability risk assessment

    • Perform physical pentests and social engineering

    • Perform cyber incident response as needed for programs

    Basic Qualifications

    Bachelors' degree from an accredited college in a related discipline, or equivalent experience/combined education, with 8 to 12 years of professional experience; or 6 to 10 years of professional experience with a Masters' degree. At least 6 years pentesting experience with at least 2 years cloud pentesting experience. Applicant should be proficient in testing of Kubernetes, Docker, and AWS infrastructure, with supporting knowledge from testing other cloud providers.

    Certifications: At least one mobile pentesting certification such as SANS GMOB

    • CISSP

    • GISF

    • GPEN

    • GWAPT

    • GXPN

    • OSCE

    • OSCP

    • OSEE

    • OSWP

    Clearance: A Secret Clearance is required with the ability to obtain a Top Secret SCI. In addition to specific security clearance requirements all CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program