• AFRL Kirtland - Cyber Security Test and Evaluation Engineer

    Job Locations US-NM-Albuquerque
    Job ID
    2018-2399
    # of Openings
    1
    Clearance Requirement
    S
    Education Requirement
    Bachelor's Degree
    Certifications
    8570
    Experience Level
    Mid-level
    8570 Compliant
    IAT 2
  • Overview

    SMS is a fast growing, veteran-owned business that's has supported Federal Government's IT initiatives for over four decades.  We work side-by-side with our Federal clients as a trusted, long-term partner to offer innovative advice and leadership to solve their most pressing and complex problems. We orchestrate people, strategies, technologies and best-of-breed business processes. The SMS advantage in management and technology consulting includes deep domain expertise in complex networking design and unifying communities of interest. 

     

    We have strong capabilities in design & build, planning, governance, quality management, security, analytics, virtualization, operations and business process improvement. For 40 years, SMS has brought customer satisfaction to Federal clients and formed lasting alliances with leading technology companies and talented small businesses to deliver joint, leading-edge, cost-effective services and products. 

    Submit your resume today!

    Responsibilities

     

    A Cyber Security Engineer with extensive experience performing cyber security audits and assessments to verify and validate compliance with Department of Defense (DoD) and Federal cyber security defense directives, instructions, or guides. The candidate must have experience with system security assessments, penetration testing, vulnerability assessments, and be familiar with programming languages.

     

    • Technical knowledge of multiple operating systems (Windows, UNIX), web servers-applications, databases, network appliances and virtual environments
    • Extensive knowledge of operating system, application, directory, account and device hardening techniques (Group Policies, Registry modifications, SELinux, Firewall Configuration, Account and Password management, Service and Protocol restrictions, Logging, Monitoring)
    • Understand programming languages, code review and reverse engineering (Python, Perl, Ruby, PowerShell, etc.)
    • Experience conducting USCYBERCOM CCRI audits and assessing compliance with Computer Network Defense (CND) directives, Task Orders and Information Assurance Vulnerability Management (IAVM) alerts
    • Familiar with Security Technical Implementation Guides (STIG) Secure Content Automation Protocol (SCAP) checklists and benchmarks (STIG Viewer) and related XML output files
    • Experience with Open Web Application Security Project (OWASP) methodologies and tools (ZAP, BurpSuite, WebInspect, Netsparker, etc.)
    • Familiar with penetration test techniques (Backdoors, Buffer overflow, Zero-day vulnerabilities, XSS, SQL Injection, DNS Spoofing, MitM, Phishing, Social Engineering, etc.)
    • Familiar with penetration testing tools (Nessus, NMap, Wireshark, tcpdump, SET, Metasploit, Kali, Rainbow tables, sqlmap, Samurai WTF, AppDetective, etc.)
    • Experience with DoD cyber security assessment applications (ACAS, HBSS, SCC)
    • Proficient at delivering detailed and summarized reports describing test scope, methodology, limitations, issues, and potential vulnerabilities identified with associated risk-severity and mitigation or remediation solutions
    • Strong verbal and written communication skills, with the ability to work autonomously on multiple projects

     

    Qualifications

    Three to Five years of security and vulnerability assessment experience, including recent experience with assessment and penetration testing tools.
    Candidate should have technical experience in the following areas; Security assessments, vulnerability assessments, penetration testing, program languages and scripting, with in-depth knowledge of operations system, network device, web application, and database configurations.

    Applicant must possess refined critical thinking skills, should be a self-starter, and be able to manage activities of other team members. Must be reliable and tactful with the ability to multi-task, prioritize, and remain flexible.

     

    Education

     

    Bachelor’s degree in a Business Management or MIS related field preferred, or experience in lieu of degree; High School diploma required if no existing higher education diplomas

     

    Misc.

    • Active SECRET security clearance
    • DoD 8570 IAT-II and CEH Required

     

     

    SMS is an Equal Opportunity Employer. 

     

    SMS is a veteran-owned network integrator established in 1976.  With an employee retention rate averaging over 5 years, our ability to hire quality people and retain them in a rapidly evolving IT market proves why we are a world-class information technology company. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices. As a result, SMS is proud to be ISO 9001:2008 Registered and a CMMI Level 3 certified company, ensuring that we continue to meet and exceed the expectations of our customers, partners and employees.  

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed