Millennium Corporation is hiring a Red Team Penetration Tester to work in North Charleston. The candidate must have an active Secret clearance.
The ideal candidate will:
- Provide Cybersecurity Test and Evaluation Support. This effort covers all aspects of Cyber testing to include beginning with planning requirements and concluding providing reports and recommended solutions.
- Provide support by utilizing experience in automation using Powershell, PowerAutomate, Logic Apps, Graph API.
- Provide support by utilizing experience conducting Red Team operations in an MDE environment.
- Provide support by utilizing experience with AWS, Cloud Audit, Serverless and Microservice Architecture.
- Provide support utilizing experience working with AWS services (such as EC2, S3, KMS, RDS) and security best practices relevant to those services.
- Provide support by performing web application and API penetration testing, and Cloud Security Audits.
- Provide support by utilizing experience with Web Services penetration testing (RESTful and SOAP) Web Authentication protocols (e.g. OAuth2, SAML, LDAP).
- Providing support by writing proof of concept code to demonstrate the severity of a potential security issues.
Qualifications:
- Candidate must have an active Secret security clearance.
- With an accredited bachelor's degree within a relevant area the candidate must have a minimum of 6 years of experience. With a masters degree, a minimum of 3 years of experience.
- Must have a CFR, Cloud+, CySA+, GCED, GICSP or PenTest+ certification.
- Must also possess a Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), Offensive Security Exploitation Expert (OSEE) or Offensive Security Wireless Professional (OSWP) certification.
- Demonstrated experience performing vulnerability assessments with the Assured Compliance Assessment Solution (ACAS) tool.
- Demonstrated experience utilizing penetration tools and mimicking threat behavior.
- Demonstrated experience with performing STIG assessments to include using SCAP benchmarks.
- Shall have demonstrated experience utilizing packet analyzer tools such as Wireshark and tcpdump.
