Cyber Threat Auditor (Penetration Testing)

Peraton is seeking a Cyber Threat Auditor (Pentester) to join our team in support of the U.S. Army Europe Regional Cyber Center (RCC-E) in Wiesbaden Germany.

Location: Wiesbaden Germany

In this role you will:

• Conduct penetration testing evaluations on US DoD information networks and systems. Conduct active pentests against US Army targets to assess the potential of compromise by malicious actors.
• Vet tools for use in the program.
• Prepares assessments and cyber threat reports of current vulnerabilities leveraged into exploitation.
• Conduct purple team events to improve the posture of cyber threat detection awareness and reporting.
• Produces high-quality papers presentations recommendations and findings for senior US government intelligence and network operations officials.

Job Duties:

• Utilize offensive toolsets such as Metaspolit and Kali Linux to safely analyze and penetration test production networks and systems documenting steps and procedures to produce usable vulnerability assessments for the customer.
• Identify and investigate vulnerabilities asses exploit potential and document findings and remedies for presentation to facilitate mitigations on customer systems.
• Perform planning execution and documentation of penetration testing missions in accordance with Red Team methodologies.
• Perform web application testing using tools such as Burp Suite Zap Proxy Skipfish and Nikto and open source toolsets.
• Travel to customer sites to perform network security evaluations penetration tests and brief customers on findings.
• Perform daily cyber threat research and present findings to the organization to maintain knowledge of current. adversary tactics techniques and procedures and how to apply them.
• Brief staff and leadership on these findings.
• Perform open-source intelligence gathering to prepare for missions.
• Write reports of vulnerabilities to increase customer situational awareness and improve the customers cyber security posture.
• Assist all sections of the Defensive Cyber Operations team as required in performing Analysis System Administration and other duties as assigned.
• Contribute to the design development and implementation of countermeasures system integration and tools specific to Cyber and Information Operations.
• Write reports of remotely exploitable vulnerabilities to increase customer situational awareness and improve the customers cyber security posture.
• Prepare and present technical reports and briefings.

Requirements:

• BA/BS with 5 years relevant experience. An additional 4 years will be considered in lieu of degree.
• Must be able to qualify for Technical Expert Status Accreditation (TESA) by having a bachelors degree in a STEM or Business field plus 3 years of specialized experience OR an Associates degree plus 7 years of specialized experience OR a major certification plus 7 years of specialized experience.
• Active DoD Approved 8140 Certification in:
  • DCWF 541 Advnced (M.S. in IT or one of the following: CFR CISA CISM CySA GPEN GSNA).
  • 8140 Residential Certification (One of: TCM Security PNPT HTB CPTS Zero Point TRO Offensive Security OSCP OSCE GPEN GWAPT GAWN GXPN GWEB).
• Must have a full complete and in-depth understanding of all aspects of Defensive Cyber Operations.
• Must be fluent in all aspects of government and corporate communications media to include all MS Office products and common task ticketing systems.
• Must possess an in-depth understanding of penetration testing methodology including recon exploit persistence etc..
• Must have a solid understanding of networking protocols their uses and their potential misuses.
• Programming experience in one or more languages experience in HTLM/CSS or SQL.
• Experience with one or more scripting languages such as PowerShell Bash Python or Perl.
• Ability to work independently as well as part of a team.
• Strong written and verbal communication skills required.
• U.S. citizenship required.
• An Active DoD Top Secret security clearance with SCI eligibility.

Preferred Qualifications:

• Offensive Security OSCP.
• Army Certified Penetration Tester (or Instructor).
• Fluency in one or more programming language (e.g. Python C# Golang).
• In-depth understanding of physical penetration testing or PACS.
• Demonstrated ability to produce written deliverables and brief senior leadership.
• Self-starter with excellent judgment capable of independent decision making.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit to learn how were keeping people around the world safe and secure.