Pen Test Operator

Job Family:

Travel Required:

Clearance Required:

What You Will Do:

This position is expected to conduct penetration testing activities on High Value Asset (HVA) systems owned and operated by federal civilian agencies. This position requires experience in providing penetration testing services using a variety of tactics techniques and procedures to identify exploitable vulnerabilities in networks and systems. They will also measure compliance with organizational security policies test whether staff are aware of security issues and ultimately determine the organizations risk to cybersecurity threats.

Other Responsibilities Will Include

• Performing network mapping and reconnaissance documenting Rules of Engagement to guide the scope developing test plan and assisting with acquiring management approval.
• External Testing: Conducting a variety of penetration tests based on systems criticality test objectives and organizations requirements to include:
• Working with IT personnel to define scope for targeted testing; and
• Mimicking an outside attacker to gain access to system and what information can be accessed.
• Internal Testing: Mimicking an outside an insider attack to determine risk employees with various access levels pose to the organization.
• Red Team Testing: Focusing testing activity towards accessing specific target datasets. Testing methodology should include crafted emails custom public websites exploit code and social engineering.
• Analyzing test results developing a report on discovered vulnerabilities and providing riskbased recommendations to remediate those vulnerabilities.

What You Will Need:

• An ACTIVE and MAINTAINED SECRET Federal or DoD securityclearance
• Bachelors degree
• THREE or more years experience relevant to Penetration Testing or IT Systems Configuration or Risk and Vulnerability Assessment or Cybersecurity and/or IT Technology Consulting

What Would Be Nice To Have:

• An ACTIVE and MAINTAINED TOP SECRET Federal or DoD security clearance
• Masters Degree preferred
• CISA AES HVA Assessment certification with proof of certification as a CISAAES HVA Pen Test Operator.
• Experience supporting US government cybersecurity programs.
• CISSP or CISM.
• Experience managing direct client engagement team to deliver impactful support to Federal clients.
• Experience with managing/supporting and/or knowledge of cybersecurity or HVA Program.
• One of the following certifications: Offensive Security Certified Professional (OSCP) or GIAC Penetration Tester (GPEN) or Certified Ethical Hacker (CEH) Certification.
• Experience conducting HVA assessment or performing Risk and Vulnerability Assessments.
• Knowledge of Cybersecurity Framework Risk Management NIST 80083 Rev 5.
• Experience developing and maintaining working relationships while serving Federal clients onsite.
• Ability to identify obstacles and opportunities that impact the success of plans or initiatives.
• Excellent oral and written communication and presentation skills.
• Ability to communicate effectively and demonstrate leadership when interacting with clients and fellow team members.

What We Offer:

Guidehouse offers a comprehensive total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical Rx Dental & Vision Insurance

• Personal and Family Sick Time & Company Paid Holidays

• Position may be eligible for a discretionary variable incentive bonus

• Parental Leave and Adoption Assistance

• 401(k) Retirement Plan

• Basic Life & Supplemental Life

• Health Savings Account Dental/Vision & Dependent Care Flexible Spending Accounts

• ShortTerm & LongTerm Disability

• Student Loan PayDown

• Tuition Reimbursement Personal Development & Learning Opportunities

• Skills Development & Certifications

• Employee Referral Program

• Corporate Sponsored Events & Community Outreach

• Emergency BackUp Childcare Program

• Mobility Stipend

About Guidehouse

Guidehouse is an Equal Opportunity EmployerProtected Veterans Individuals with Disabilities or any other basis protected by law ordinance or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities or to apply for a position and you require an accommodation please contact Guidehouse Recruiting ator via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @ or . Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.

If any person or organization demands money related to a job opportunity with Guidehouse please report the matter to Guidehouses Ethics Hotline. If you want to check the validity of correspondence you have received please contact . Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicants dealings with unauthorized third parties.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.