Penetration Tester

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams, contribute to our communities, and operate sustainably. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.

The Leidos Digital Modernization Team is seeking a Penetration Tester to join the Enterprise Security Operations Center team.

The Digital Modernization Sector brings together our digital transformation and IT programs, allowing us to better serve our customers through scale and repeatability.

Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!

The Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.  The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.

Primary Responsibilities:

Bachelors' degree from an accredited college in a related discipline, or equivalent experience/combined education, with 8 to 12 years of professional experience; or 6 to 10 years of professional experience with a Masters' degree. Additional years of experience and certifications may be considered in lieu of a degree.

At least 6 years pen testing experience with at least 2 years cloud pen testing experience. Applicant should be proficient in testing of Kubernetes, Docker, and AWS infrastructure, with supporting knowledge from testing other cloud providers.

• Perform cloud pen tests and act as the cloud pen testing SME for the team

• Perform internal and external pen test against systems to determine vulnerabilities and offer mitigation strategies.

• Perform web app pentests

• Perform vulnerability risk assessment

• Perform physical pentests and social engineering

• Perform cyber incident response as needed for programs

• Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.

• Perform web app pentests

• Perform vulnerability risk assessment

• Perform physical pentests and social engineering

• Perform cyber incident response as needed for programs

Certifications: At least one mobile pentesting certification such as SANS GMOB

• CISSP

• GISF

• GPEN

• GWAPT

• GXPN

• OSCE

• OSCP

• OSEE

• OSWP

Clearance: In addition to specific security clearance requirements all CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program

Preferred Qualifications:

• Understanding of Cyber Kill Chain & Intelligence Defense

• Ability to brief senior officials on pentesting requirements and results

Original Posting Date:

2024-05-23

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $101,400.00 - $183,300.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.