Ground Cybersecurity Assessment Specialist - Millennium Space Systems
Job SummaryThe MSS Ground Systems & Operations Organization is looking for a Mid-Level Cybersecurity Assessment Specialist to join the team in Chantilly, VA.
This position involves performing adversarial security testing of the enterprise's various Information Technology (IT) environments and penetration testing utilizing Proof of Concept (PoC) and homegrown exploitation in addition to red teaming activities.
This individual must have strong foundational knowledge and working proficiency in both system administration and software development disciplines.
Position Responsibilities:• Conduct application and network layer penetration tests on various IT environments
• Conduct red teaming activities, including physical security penetration testing
• Perform independent pen testing utilizing numerous penetration testing tools and leveraging mainly manual techniques, typically testing will necessitate source code analysis
• Write risk prioritized finding reports, debrief system owners and consult on remediation options
• Retest security vulnerabilities that have been identified as fixed to verify remediation
• Contribute to pen testing, red teaming, tooling, and reporting methodology enhancements
• Evaluate effectiveness of defensive countermeasures and consult with blue teams to help improve detection methods and capabilities required for situational awareness
• Performing exploitation analysis and authors exploitation tools/techniques
• Experience performing ACAS and OpenRMF compliance scans for classified networks, identifying weaknesses and reporting results to external organizations
• Experience with secure software development lifecycle and large-scale computing environments
• Experience working with Information Security principles, policies, and industry best practices including the Critical Security Controls (CIS), Open Worldwide Application Security Project (OWASP), Top 10 and Mitre Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework
• Experience working with Authentication and Authorization Controls
• Experience working with common server applications such as Internet Information Services (IIS), Apache, Lightweight Directory Access Protocol (LDAP), Tomcat, and Secure Shell (SSH)
• Experience working with common network protocols such as HyperText Transfer Protocol/ HyperText Transfer Protocol Secure (HTTP/HTTPS), Transmission Control Protocol/Internet Protocol (TCP/IP), and User Diagram Protocol (UDP)
Basic Qualifications (Required Skills/Experience):• Active TS Clearance with SCI eligibility
• At least 8 years of experience working in Cybersecurity enclaves
• 3 years' experience as an ISSM/ISSO
Preferred Qualifications (Desired Skills/Experience):• At least 2 years working as ISSE across multiple bases and systems for civil engineering
• Expertise in Risk Management Framework (RMF)
• Experience with Security Authorization (ATO) process and Program Protection Plans (PPP/PPIP)
• Experience performing Criticality Analysis
• Experience with programming experience in Python, PHP, Perl, Ruby, .NET, or other interpreted or compiled languages
• Experience in penetrating testing and vulnerability assessments using manual techniques and vulnerability testing tools (including scanners, sniffers, fuzzers and exploit tools such as Burp, Nmap, Kali and Metasploit)
• Experience configuring and conducting automated scanning and manual testing
Conflict of Interest:Successful candidates for this job must satisfy the Company's Conflict of Interest (COI) assessment process
Shift: - This role will be on 1st Shift
Total Rewards:At Millennium Space Systems, a Boeing Company, we strive to deliver a Total Rewards package that will attract, engage and retain the top talent. Elements of the Total Rewards package include competitive base pay and variable compensation opportunities.
Millennium Space Systems also provides eligible employees with an opportunity to enroll in a variety of benefit programs, generally including health insurance, flexible spending accounts, health savings accounts, retirement savings plans, life and disability insurance programs, and a number of programs that provide for both paid and unpaid time away from work.
The specific programs and options available to any given employee may vary depending on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.
Pay is based upon candidate experience and qualifications, as well as market and business considerations.
Summary Pay Range: $107,100 - 180,000
Millennium is DDTC-registered, ITAR-compliant Company. This position is located at a facility that requires special access. Applicants MUST be U.S. citizens and eligible for a security clearance. Additionally, applicants must be willing to apply for and maintain a security clearance. We encourage all interested candidates to apply for any open position for which they feel they are qualified.
Language Requirements:Not Applicable
Education:Not Applicable
Relocation:Relocation assistance is not a negotiable benefit for this position.
Export Control Requirement:This position must meet U.S. export control compliance requirements. To meet U.S. export control compliance requirements, a "U.S. Person" as defined by 22 C.F.R. a7120.62 is required. "U.S. Person" includes U.S. Citizen, U.S. National, lawful permanent resident, refugee, or asylee.
Safety Sensitive:This is not a Safety Sensitive Position.
Security Clearance:This position requires the ability to obtain a U.S. Security Clearance for which the U.S. Government requires U.S. Citizenship. An interim and/or final U.S. Secret Clearance Post-Start is required.
Visa Sponsorship:Employer will not sponsor applicants for employment visa status.
Contingent Upon Award ProgramThis position is not contingent upon program award
Shift:Shift 1 (United States of America)
