Raytheon Intelligence and Information Services (IIS) - Cyber Security & Special Missions (CSM) has an immediate opening for a Penetration Tester supporting multiple Raytheon client organizations in both the US/International commercial and government sectors. Works at the direction of CPS Professional Services team managers and project leads to conduct cybersecurity technical assessments, including network penetration testing, Vulnerability Assessments and simulated offensive/Red Team projects, on behalf of multiple US commercial sector customers. Key duties will involve technical aspects of enterprise computer network defense (CND), network/host level security assessments, web application assessments, and development of recommendations to improve customer cybersecurity program effectiveness. Analysis and customer briefings. Interacts directly with client technical and business operational teams. Provides input to formal reports and summaries for client and stakeholder review.
* 5+ Years of experience conducting penetration testing activities on networks, web applications, mobile applications, and API based systems.
* Proficient in at least two programming or scripting languages such as Java, C#/C++, Python, Perl, PowerShell, and PHP.
* Serve as mentor to penetration testing employees and contractors on best practices.
* Knowledgeable in NIST and FedRAMP protocols.
* Broad based IT background with a technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle.
* Excellent communication skills, both written and verbal with strong presentation skills.
* Ability to translate technical materials and issues into non-technical/layman terms.
* Demonstrated skills in the entire Microsoft desktop suite (Word, Excel, PowerPoint, etc.)
* 2 or more relevant certifications: CISSP, CISA, CISM, OSCP, CEH, GCIH, GPEN, GWAPT, or equivalent.
* Bachelor's or Master's degree in Information Technology, Computer Science or relevant discipline, or relevant work experience.
Candidate will also have an understanding of how to apply the principles of Information Security in a variety of circumstances and be able to translate the NIST 800-53 guidelines into common technical implementations.
Perform or direct the following types of penetration testing:
* Corporate network to Cloud system (Insider Threat)
* External to Cloud system (Web Application and Network attacks)
* Tenant to Tenant
* Spear Phishing E-mail campaigns
* Physical attack vectors when applicable for data center locations
* Privilege escalation (Web Application and Network attacks)
* Mobile application vulnerability discovery
Ideal Candidate will participate in proposal development for commercial penetration testing opportunities.
Analyze, disassemble, and reverse engineer code to discern weaknesses for exploitation.
Develop Penetration Testing Reports that are compliant with FedRAMP and DoD requirements.
Report components include the results of all testing, showing how each attack vector was tested and where vulnerabilities are discovered, providing detailed recommendations on how to remediate each vulnerability.
Provide expertise and assist in the assessment of FedRAMP security controls when not engaged on penetration testing activities.
Provide review and analysis on vulnerability scan results from tools such as Nessus, Nexpose, Retina, SAINT, Qualys, AppDetective, SecureSphere, WebInspect, IBM AppScan, Burp Suite, etc.
Provide training on vulnerability scanning tools to other team members.
Team player; able to work well with others in a collaborative manner and is a self-starter who can work with minimum supervision.
* Travel up to 50% of the time.
This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.
142758BR
Business Unit Profile
Raytheon Intelligence, Information and Services delivers innovative technology to make the world a safer place. Our expertise in cyber, analytics and automation allows us to reach beyond what others think is possible to underpin national security and give our global customers unique solutions to solve the most pressing modern challenges -- from the cyber domain to automated operations, and from intelligent transportation and training solutions to creating clear insight from large volumes of data. IIS operates at nearly 550 sites in 80 countries, and is headquartered in Dulles, Virginia. The business area generated $6.2 billion in 2018 revenues. As a global business, our leaders must have the ability to understand, embrace and operate in a multicultural world -- in the marketplace and the workplace. We strive to hire people who reflect our communities and embrace diversity and inclusion to advance our culture, develop our employees, and grow our business.
VA - Dulles
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Raytheon is a global company that specializes in defense and other government markets.