About this Cyber Security Engineer role at Redhorsecorp
Redhorse transforms the way government uses data and technology. To support this mission, we are seeking a Senior Penetration Tester to join a highly technical team providing in-depth penetration testing services in support of the Sponsor’s enterprise cyber security equities. In this role, you will act as an ethical hacker to target, assess, and exploit vulnerabilities of information systems, providing senior decision-makers with the actionable data necessary for strategic investment decisions. Your work will directly impact the security posture of critical government infrastructure, ensuring that risks are identified and mitigated before they can be exploited by adversaries.
Key Responsibilities
- Conduct hands-on penetration testing and ethical hacking to target, assess, and exploit risks and vulnerabilities of information systems.
- Perform comprehensive analyses of identified vulnerabilities and document all system risks, planned test procedures, and results.
- Review and recommend changes to program-level documentation, including requirements specifications, system architecture, design documents, and security plans, to reduce system vulnerabilities.
- Create and document detailed penetration testing plans and procedures for approval and execution.
- Analyze test results to recommend effective countermeasures and mitigation strategies for uncovered risks.
- Lead or participate in Technical Exchange Meetings (TEMs) and Application Review Boards, documenting action items and briefing management on activity results.
Required Experience/Clearance
- Active TS/SCI with Polygraph security clearance.
- 8+ years of experience in cyber security or a related IT field, with a significant focus on cyber penetration testing.
- Demonstrated experience applying computer attack methods, system exploitation techniques, and leveraging adversarial tactics to conduct hands-on security testing.
- Strong working knowledge of cyber security principles for Linux, Windows, and virtual platforms (including hypervisors).
- Demonstrated experience designing, testing, or implementing IT security architecture and complex Windows installations.
- Proven ability to perform network security analysis, analyze network architectures, and utilize network management tools.
- Experience developing risk management methodologies and analyzing test results to develop risk and threat mitigation plans.
- Experience testing or reviewing system configuration, development, and design, specifically for enterprise-scale systems.
Desired Experience
We encourage all candidates who meet the basic requirements to apply, even if you do not have any of the following experience:
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or a related scientific/technical discipline.
- Experience participating in public and private information security groups and professional organizations.
- Proven ability to communicate complex vulnerability results and risk posture effectively to senior executives.
- Experience researching, evaluating, and developing security policies and guidance.
- History of performing complex technical tasks with minimal direction in a fast-paced environment.