Job Description :
Security Management Specialist
Location: Manassas, VA
Length: Long Term

Our client is looking for a well-rounded Security professional with a solid understanding of Red Team methodology and Penetration Testing procedures. This person will be the Lead for Red Team/Pen Test activities and conduct application, web, and network scanning as part of their overall security protocol. This role will take the traditional vulnerability assessment and build upon it, acting as a "Red Team" member to evaluate the security of their external networks, applications, sensitive internal systems, and data coding standards. Our red team testers will need to go beyond the typical enumerating vulnerabilities through scanning, and need to look at actually exploiting issues noted in the scanning, or discovering issues not picked up in security scanning.
* High-level Penetration Tester (Red Team)
* Location: Manassas, VA
* Assignment: 2yrs plus (right to hire)

Notes from our call with the management team.
* Simulating malicious tactics of a motivated adversary with the intent of achieving a specific goal or access
* Conduct penetration testing for the Red Team which includes: Network, System, Application, and traditional web penetration testing
* Experience in exploiting web apps and web services security vulnerabilities through a variety of attacks.
* They are tool agnostic and want someone that is able to quickly acclimate to new systems and conduct lab testing.

Scope of Work: Security Assessments and Architecture
The scope of work includes:
Collect information about client''s current security systems and infrastructure
Parse, organize, information, write documents that describe the current state, create systems/network/process diagrams
Research and document new security technologies
Deploy security products for Proof of Concepts to determine the suitability of new security for client''s computing environment
Support the development of architectural documents such as architectural blue prints, high level designs, requirements documentation



Additional Comments:
This is a junior or senior position to support a small enterprise security architecture team of experienced professionals.
The position requires good system (UNIX, Windows) and network administration experience.
The position requires basic understanding of security technologies, security engineering and operations, but requires the candidate to be a quick learner.
Good writing, communication, collaboration and organizational skills are important.
Ability to constructively engage with other senior level colleagues, elicit and document technical information is important.
IT or Security Industry certifications and/or a degree in engineering or computer science are a plus, but are not required.

Skills/Requirements: Level: (Junior/Specialist/Expert)
Jr = 1-5 yrs / Spec=5-10yrs / Exp= >10 + yrs
Good knowledge of system administration (Windows, UNIX) Junior / Specialist
Good knowledge of IP Networking & Network Security Junior / Specialist
Basic understanding Security Tools and Operations in Cyber Security Operations Centers Junior / Specialist
Good oral and written communication skills, able to author technical documents under supervision Junior / Specialist
Good interpersonal, collaboration, and organizational skills Junior / Specialist