5866623
Penetration Testing Program Support
Yakshna Solutions, Inc. (YSI) is seeking a qualified and experienced Full Time Penetration Testing Program Support for Fort Lee, VA. The selected candidate will be able to communicate effectively (written/verbal), possess strong interpersonal skills, be self-motivated, and be innovative in a fast-paced environment.
The contractor shall:
- Complete missions through coordination with government officials; participate in and/or brief project kick-off and close-out presentation meetings; and deliver project in/out brief presentations and a final findings report as deliverables throughout the project schedule.
- Participate in (Penetration and Social Engineering) mission meetings required to document the requestor requirements and produce a mission Rules of Engagement Plan as a deliverable within five (5) business days after identifying the requestor’s requirements. The ROE shall, at a minimum, include the System Under Test (SUT), pentest activities, mission timelines, communication plan, scope, mission purpose, and the intended outcome and benefits of testing relating to the requestor’s security requirements.
- Conduct a kick-off meeting and create an In-brief (PRS #7) presentation that will be delivered to the requestor (Executive Leadership) at least two (2) business days prior to mission start date.
- Conduct mission review meetings (Hotwash) when directed by the mission manager and Executive Leadership as identified in the ROE; the Contractor shall report a status on all recent mission activity, findings, and concerns.
- Maintain an active log of all activity conducted throughout the mission.
- Conduct a meeting and create an Out-brief (PRS #7) presentation that will be delivered to Executive Leadership, Administrators, and Project Managers at least two (2) business days prior to mission end date.
- Generate a Penetration Testing Technical Report (PTR) (PRS #13) that will summarize the mission within the Executive Summary and, at a minimum, identify the high security risks, threats, and failures found during the mission; have a detailed findings section detailing every finding with an overview, evidence, root cause analysis and recommended mitigation plan of action addressing each security issue; and will be delivered to the Government 20 business days after mission out-brief.
Responsibilities:
- The Penetration Testing Program employs simulated adversarial threat-based approaches to expose and exploit government Computer Network Defense (CND) vulnerabilities as well as system vulnerabilities as a means to identify weaknesses and to improve the security posture and operational procedures used to protect government Information Systems & Computer Networks. The Contractor shall perform Penetration Testing Program missions for customer security requirements to test and validate the effectiveness of customers’ IT security posture IAW CJCSI 6510.01F, CJCSM 6510.03, DoDI 8530.01, NIST SP 800-115, and DoDI 8510.01.
- Participate in (Penetration and Social Engineering) mission meetings required to document the requestor requirements and produce a mission Rules of Engagement Plan as a deliverable within five (5) business days after identifying the requestor’s requirements.
- The ROE shall, at a minimum, include the System Under Test (SUT), pentest activities, mission timelines, communication plan, scope, mission purpose, and the intended outcome and benefits of testing relating to the requestor’s security requirements.
- Conduct a kick-off meeting and create an In-brief presentation that will be delivered to the Executive Leadership at least two (2) business days prior to mission start date.
- Generate a Penetration Testing Technical Report (PTR) that will summarize the mission within the Executive Summary and, at a minimum, identify the high security risks, threats, and failures found during the mission; have a detailed findings section detailing every finding with an overview, evidence, root cause analysis and recommended mitigation plan of action addressing each security issue; and will be delivered to the Government 20 business days after mission out-brief.
Required: TS clearance and the following certs:
- IAT III / CSSP Analyst Certified
- OSCP or GPEN
- No remote
Annual Salary: $90K plus benefits
YSI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.