Posted

30+ days ago

Location

Chantilly, VA

Description

Job Description

Do you wear a white hat? Helping leading-edge technology companies secure their environments is at the core of what we do while making a difference. 

As a Senior Security Consultant Penetration Tester at Kratos, you will be leading and supporting teams of penetration testers. You will assist in evaluating, testing, and securing innovative cloud computing solutions. You will work on-premises infrastructures providing penetration testing, red teaming, attack simulations, and more.

The ideal candidate for our penetration testing team will thrive on collaboration, learning, and teaching. The candidate should have a firm understanding of how to apply the latest vulnerabilities and exploitation techniques in circumstances and expertise in performing penetration testing in complex and diverse computing and communications environments. Experience with cloud environments, mobile application testing, and testing automation is highly desirable.

 Responsibilities:

Leadership

  • Independently lead penetration testing engagements with minimal guidance from leadership while providing thorough direction to team members.
  • Promote an inclusive, trusting team environment by sharing best practices while helping the team reach consensus decisions and debriefing lessons learned.
  • Collaborate effectively within dynamic teams and across multiple customer organizations with diverse personalities and expertise on complex issues.
  • Effectively work with colleagues to develop staff technical skills that solve complex client problems, ensuring knowledge across teams or capability offerings.
  • Communicates expectations for comprehensive quality standards conducts quality assurance reviews of penetration test methods and reports to confirm high quality, client-ready deliverables. 
  • Adheres to projects/tasks, scheduling, and scope by monitoring penetration test execution and reporting that thoroughly breaks down and explains weaknesses and vulnerabilities, their attack vectors, and remediation steps in a clear, concise, and timely manner.

Subject Matter Expertise

  • Advanced knowledge of two or more types of testing, to include Network, Web Applications, Application Program Interfaces, Mobile Applications; Client-Side Applications; Wireless; Social Engineering; Phishing; Physical Penetration; Satellite and Ground Stations; Unmanned Aircraft; ICS; and IOT.  
  • Have an understanding of one or more of the following security testing standards: FedRAMP, PCI-DSS, HIPAA, FISMA, and NIST.
  • Advanced knowledge of commonly used penetration testing tools, such as Nessus, Retina, SAINT, Qualys, AppDetective, SecureSphere, WebInspect, AppScan, Burp Suite, NMAP, Metasploit, and Cobalt Strike.

Innovation

  • Spearhead the development of new and updated documented playbooks, processes, and procedures for penetration testing and tools.
  • Identify and work with leadership on new capabilities that create new or emerging market space.
  • Develop and implement custom automation for full attack life-cycle testing execution capabilities.

Research and seek opportunities to leverage new tools or processes that bolster the ability to analyze, disassemble, and reverse engineer vulnerabilities.

Experience and Skills

A Bachelor’s degree is preferred. However, years of relevant work experience will be considered.

Must have a minimum of 5 years of IT, Cybersecurity, or Consulting work experience.

Maintain two or more of the following security or technology certificates: OSCP, OSWE, OSEP, OSEE, GXPN, CEPT, LPT, GPEN, GWAPT amd CMWAPT, CRTOP, or equivalent.

Excellent communication skills, both written and verbal with strong presentation skills.

Ability to translate technical materials and issues into non-technical/layman terms.

Apply attention to detail, accuracy, and thoroughness in all work products.

Able to work well with others (team-player) in a collaborative manner.

Can work under minimum supervision and a self-starter.

Can lead interactions with clients and represent Kratos with high-level of professionalism.

Must be able to successfully manage multiple tasks.

Serve as mentor to junior Security Consultants on best practices.

Must be able to travel 25%.

 


About the Company

Kratos Defense & Security Solutions

Kratos Defense & Security Solutions, Inc. (Nasdaq:KTOS) is a specialized Technology Company providing mission critical products, solutions and services for United States National Security. Kratos' core capabilities are sophisticated engineering, manufacturing and system integration offerings for National Security platforms and programs. Kratos' areas of expertise include Command, Control, Communications, Computing, Combat and Intelligence, Surveillance and Reconnaissance (C5ISR) systems, satellite communications, electronic warfare, unmanned systems, hypersonic systems, directed and high power energy systems, electromagnetic railgun, missile defense, cyber warfare, cybersecurity, information assurance, and critical infrastructure security. Kratos has primarily an engineering and technically oriented work force of approximately 3,100. Substantially all of Kratos' work is performed on a military base, in a secure facility or at a critical infrastructure location.

Company Size

1,500 to 1,999 employees

Industry

Aerospace and Defense

Website

http://www.kratosdefense.com/