Penetration Tester - Cloud

We are an employeecentric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forwardleaning thinkers and fostering teams that are and continue to be technically proficient and technically capable across a comprehensive range of cyber mission areas. OneZero fulltime employees receive an extremely competitive benefits package that includes health/dental/vision/life insurance plans 401K with company matching PTO & paid holidays employee referral program and educational assistance. Additional details can be found on our website at: Penetration Tester Cloud

Location: Ashburn VA

Clearance: Secret

Department of Homeland Security (DHS) Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent identify contain and eradicate cyber threats to CBP networks through monitoring intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN) commercial Internet connection public facing websites wireless mobile/cellular cloud security devices servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprisewide information systems and collects investigates and reports any suspected and confirmed security violations.

Primary Responsibilities
Perform cloud pentests and act as the cloud pentesting SME for the team
Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.
Perform web app pentests
Perform vulnerability risk assessment
Perform physical pentests and social engineering
Perform cyber incident response as needed for programs
Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.
Perform web app pentests
Perform vulnerability risk assessment
Perform physical pentests and social engineering
Perform cyber incident response as needed for programs

Basic Qualifications:
Bachelors degree from an accredited college in a related discipline or equivalent experience/combined education with 8 to 12 years of professional experience; or 6 to 10 years of professional experience with a Masters degree. At least 6 years pentesting experience with at least 2 years cloud pentesting experience. Applicant should be proficient in testing of Kubernetes Docker and AWS infrastructure with supporting knowledge from testing other cloud providers.

Certifications: At least one mobile pentesting certification such as SANS GMOB
CISSP
GISF
GPEN
GWAPT
GXPN
OSCE
OSCP
OSEE
OSWP

Clearance: A Secret Clearance is required with the ability to obtain a Top Secret SCI. In addition to specific security clearance requirements all CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program

GMOB GIAC Mobile Device Security Analyst
GISF Security Fundamentals
GPEN Penetration
GWAPT Web Application Penetration Tester
GXPN Exploit Researcher and Advanced Penetration Tester
OSCE (Certified Expert)
OSCP (Certified Professional)
OSEE (Exploitation Expert)
OSWP (Wireless Professional)

Preferred Qualifications:
Understanding of Cyber Chain & Intelligence Defense
Ability to brief senior officials on pentesting requirements and results

OneZero Solutions LLC is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin or protected veteran status and will not be discriminated against on the basis of disability.

If you are a qualified individual with a disability or a disabled veteran you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability.

To request an accommodation please contact us at or call.