IT Security Specialist Penetration Tester (Surge Support)

Job Title: IT Security Specialist Penetration Tester

Location:Hybrid (Reside within a commutable distance of Silver Spring MD to work onsite as required)

Citizenship:US Citizen

Security Clearance:Must hold a Valid NOAA / NWS / DoC Public Trust

Exemption Status:Computer Exempt

**SURGE SUPPORT**

AttainX Inc. is in search of a highly energetic Penetration Testerto join our team on a cyber security program supporting our US federal government client.

Are you a seasoned penetration tester with a passion for uncovering vulnerabilities and securing complex systems Were looking for a highly skilled and experienced professional with a minimum of 5 years of proven expertise in penetration testing and ethical hacking to join our this role youll take a hands-on approach to identify exploit and report security weaknesses across diverse environments including AWS Azure and on-premises infrastructure. Your work will directly contribute to fortifying critical systems and protecting sensitive data from evolving cyber threats.

If you thrive in dynamic high-stakes environments and excel at devising creative solutions to complex security challenges we want to hear from you. Join us in our mission to build a safer digital future.

Qualifications and Education Requirements:

Basic Qualifications:

• A minimum of 5 years of proven penetration testing and ethical hacking experience.
• Hands-on experience in penetration testing across AWS Azure and On-Premise environments.
• At least 5 years of recent experience (within the last 6 years) in applying IT security concepts methodologies principles procedures and using industry-standard IT security tools (e.g. Burp Suite Metasploit Wireshark).
• At least 5 years of recent experience (within the last 6 years) with enterprise architecture methodologies concepts procedures principles and tools.
• At least 5 years of recent experience (within the last 6 years) in contingency planning and backup and recovery best practices and application of NIST guidance in this area.
• At least 5 years of recent experience (within the last 6 years) in using technical testing tools (Tenable Security Center ArcSight IBM Big Fix etc.).
• At least 5 years of recent experience (within the last 6 years) in conducting penetration testing or the ability to bring in a penetration tester when required.
• At least 5 years of performing assessments of Federal Information Systems using the Risk Management Framework.
• Possess at least one of the following professional Certifications required by DOC Enterprise Cybersecurity Policy (ECP) Annex C-1:

1. Controls Assessor.
2. Certified Information Systems Security Professional (CISSP).
3. Certified Information Systems Auditor (CISA).
4. GIAC Certified Incident Handler (GCIH).
5. GIAC Systems and Network Auditor (GSNA).
6. Electronic Commerce Council Certified Ethical Hacker (CEH).
7. ISC2 Certified in Governance Risk and Compliance (CGRC).
8. Security Certified Network Professional (SCNP).
9. Security Certified Network Architect (SCNA).

• Proficiency in verbal and written communications.
• Proficiency in interview skills.
• Proficiency in interpersonal skills.
• Proficiency in handling multiple tasks concurrently.
• Proficiency in project and time management.
• Ability to adjust to changing priorities.
• Ability to work in a cohesive team-oriented environment.
• Must be a US Citizen able to obtain and maintain a Moderate Public Trust.

Preferred Qualifications:

• Knowledge of DOC NOAA and NWS IT security policies and implementation standards or those of similar sized organizations AND comprehensive understanding of NIST guidance toinclude NIST Special Publications and Federal Information Processing Standards.
• Self-starter highly motivated individual who adapts to a dynamic work environment.
• Strong attention to detail with an ability to operate effectively across multiple priorities.

Education / Experience:

Ideal for candidates with 57 years of hands-on penetration testing experience who are looking to advance into intermediate-level roles.

Skills:

Cyber Security Penetration Tester

Duties:

We are searching for Penetration Tester to support Security Assessment and Authorization initiatives for our Government client. Job duties include:

• Protocol analysis vulnerability discovery and exploitation post exploitation impact analysis and physical security.
• Highly technical problem-solver who understands software architectures security communication protocols virtualization and hardware and work with other engineers to the resolution of problems in design development and operations.
• Perform manual and automated firmware analysis on target devices.
• Perform pen tests fuzzing and custom exploit attacks against client systems.
• Review deployment architectures topologies and conops for compliance regulatory security mandates.
• Produce security reports suitable for submission to regulatory bodies.
• Conduct hands-on technical testing beyond automated tool validation including full exploitation and leveraging of access within multiple environments.
• Conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities of client end systems.
• Conducting research and testing in support of client requirements.
• Designing implementation and integration of security solutions.
• Designing development and support of the companys line of technology products.
• Analyzes information security systems and applications.
• Recommends and develops security measures to protect information against unauthorized modification or loss.
• Familiar with a variety of the fields concepts practices and procedures.
• Relies on experience and judgment to plan and accomplish goals.
• Performs a variety of complicated tasks.

Non-Essential Functions:

• General Duty Requirements.

Work Location:

Shall perform all functional and technical tasks remotely hybrid work environment with occasional travel for client engagement industry events contract negotiations or at AttainX facility.

About Us:

AttainX Inc. is SBA Certified 8(a) Women Owned Small Business (WOSB) Economically Disadvantaged WOSB (EDWOSB) CMMI Level 3 ISO 9001:2015 certified QMS and Silver Level SaFe Partner. For more than 12 years AttainX Inc. has delivered emergent technologies software products and high-quality services that meet the needs of our Federal Government customers.

The last 4 years have shown significant company growth as we have increased our contracts portfolio and hold the Best in Class contract vehicles GSA MAS and OASIS Small Business and 8(a) Pools 1 2 and 3. In addition we are prime on several Agency Specific IDIQs and BPAs with the National Oceanic and Atmospheric Administration Department of Energy Navy Health and Human Service and the Defense Intelligence Agency.

AttainX is dedicated to quality and best practices for the services we provide. We understand our people are the key ingredient to ensuring our customers Mission and Goals are met with excellence.

Benefits:

We are proud to offer competitive compensation and benefits packages to include paid vacation medical dental vision matching 401K plan tuition/training reimbursement and Long & Short-Term Disability.

EEO Commitment:

AttainX is an equal employment opportunity employer we are committed to providing a workplace that is free from discrimination based on Title VII of the Civil Rights Act VEVRAA and Section 503 or other status protected by applicable federal state local or international law. These protections also extend to applicants.

Accommodation:

If you are an individual with a disability and would like to request a reasonable workplace accommodation please send an email to Indicate the specifics of the assistance needed.

Physical Demands:

Sitting and working on a computer for long continuous periods each day; effective communications by telephone email and face-to-face; standing walking and sitting; handling and feeling objects or controls; reaching; talking and hearing; lifting and/or moving up to 10 pounds; and specific vision abilities including close vision distance vision color vision peripheral vision depth perception and the ability to adjust and focus.

Work Environment:The noise level in the work environment is usually moderate.