Cyber Security Penetration Tester 3

Northrop Grumman Technology Services is seeking a Cyber Protection professional to join our team of qualified,diverse individuals. This position will be located in Chester, VA with opportunities to move within the larger national and international Northrop Grumman organization in 2-3 years.

Realize the rewards of conquering a new challenge... The qualified applicant will become part of Northrop Grumman's Program Security Office in protecting the network security of tens of thousands of users for the Commonwealth of Virginia.

Roles and Responsibilities:

Advise the Program Security Officer on strategies and areas to improve Security posture. Recommend other Network

Security/Information Assurance upgrades/modifications to Information Systems Security Architecture.

  • Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering

techniques.

  • Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or

incident path and method.

  • Evaluates system security configurations.
  • Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both

functionality and intent of software systems.

  • Support resolutions for highly complex malware and intrusion issues.
  • Contributes to the design, development and implementation of countermeasures, system integration, and tools specific to

Cyber and Information Operations.

  • Review and assess technology infrastructures to identify key risk areas, and ensure adequate levels of control are in

place to address those risks

Basic Qualifications:

  • A minimum of a Bachelor's degree with 5 years experience conducting penetration assessments or 4 years experience in lieu of a BS.
  • Understanding of pentesting framework and processes
  • Knowledge of LAN security, firewalls, intrusion detection/prevention, administration of servers, workstations, and other IT devices
  • Knowledge of IA policy to include PCI, HIPAA, FTI
  • Requires a practical level understanding of common TCP/IP-based services, including DNS, DHCP, HTTP, FTP, SSH, SMTP, etc.
  • Practical understanding of Windows and Linux/UNIX-based system administration
  • Conceptual understanding of Vulnerability and Risk Assessments; these processes may include scanning with authorized tools and/or scripts (SCAP, Retina, Nessus, scripts, MBSA, etc).
  • Comprehensive knowledge of Office applications such as Word, Excel, and PowerPoint
  • Candidates should be proven team players with excellent oral and written communications skills. Frequent interaction with government client is required.
  • Highly motivated and creative
  • US Citizenship

Preferred Qualifications:

  • A working knowledge of network security analysis using industry standard intrusion detection systems (e.g., Snort, McAfee, IBM, Cisco)
  • A working knowledge and experience with pentesting tools (e.g. Metasploit, BURPSUITE)
  • Ability to customize audit template files in support of risk and vulnerability assessments (such as Nessus, CIS benchmark, Microsoft SCM)
  • Basic to intermediate scripting (Python, Perl, RegEx, WSH, Powershell)
  • Experience administering Windows and Linux/UNIX-based systems.
  • Experience in interpreting security policy
  • Able to obtain or have any of the following certifications: GPEN, CEH, GAWN, GWAPT, LPT, GPYC, CPT

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.


Meet Some of Northrop Grumman's Employees

Jacqueline T.

Electrical Engineer

Jacqueline operates on power electronics for Northrop Grumman’s space application projects. She meets with engineering groups, chats with customers, and works on circuit analysis.

Jonathan M.

Electronics Engineer

Jonathan works with avionics industry subject matter experts to come up with new feature developments before implementing those ideas in the Northrop Grumman laboratory.


Back to top