
IT Cyber Penetration Testing Analyst

Sigma Science Inc. is looking for an IT Cyber Penetration Testing Analyst based out of Washington D.C. with an active Q clearance. This position will conduct remote and onsite testing of Information Technology (IT) systems to detect and report on weaknesses, vulnerabilities, and compliance issues. Candidates should have experience in network architectures, operating systems, application software, and cyber security tools and techniques. Additionally, this position requires expertise in the penetration testing tools, techniques, and attack vectors used in a sanctioned attack or intrusion for the sole purpose of evaluating the security of an IT system and discovering weaknesses, vulnerabilities, or compliance issues that are unknown to the system owner.

Sigma Science Inc. has over 20 years of experience providing nuclear safety, operations, maintenance, engineering, environmental management, project management and administrative support services for federal and commercial clients.  Sigma Science is building up its Cyber defense capabilities to offer its current and future clients an integrated set of innovative solutions supporting the cyber and physical operation of their nuclear, smart grid infrastructure and mission critical environments. 

General Description of Duties:

  • Perform security risk assessment, threat analysis and threat modeling
  • Plan/Design/Execute security-related artifacts and activities
  • Write Security Test strategy, Test Cases, Remediation Plan, and Security Test Report
  • Conduct Dynamic Security Scans, Manual validations/Pen Testing, and other Security QA activities
  • Conduct Remediation Strategy Discussions and User Review Sessions
  • Lead/Participate in project/defect-related meetings and triage activities
  • Lead and Execute efforts with WebInspect, Burp Suite Pro, Wireshark and other security QA tools as appropriate
  • Lead/Participate in developing the Security QA roadmap, adopt security best practices, and implement new ideas and innovations according to industry trends
  • Create and maintain False Positive Repository Database
  • Testing Web Application Security and understanding of vulnerabilities from front end, backend, database and Network/Infrastructure
  • Cross the line of Web Application Security Testing and participate in Mobile, Network, Perimeter, Wi-Fi and other security functions as needed
  • Lead/Perform Red Team and Blue Team exercises
  • Wear a black-hat hacker's hat as required and perform invasive security testing
  • Participate in Pen Testing and Ethical hacking activities on identified tasks
  • Perform API (Web Services) security testing (RESTful, SOAP)
  • Adhere to QA best practices and work toward delivering secure, quality products
  • Good understanding of business process, systems knowledge
  • Good understanding of QA Methodology, Policy, Process, Tools
  • Excellent communication skills and the ability to interface with more senior co-workers and leadership with confidence and clarity
  • Support the Security QA manager in Security QA activities and be a Team Player

Requirements

  • Active Q Clearance
  • 3 years of experience
  • Bachelor’s Degree in Computer Science or related field; Master’s Degree Preferred
  • Certified Information Systems Security Professional (CISSP) and/or Certified Information Systems Auditor (CISA) certifications are highly desirable.

 

Successful applicants may be subject to random drug testing based on client requirements.

SSI is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.

SSI is committed to the principles of equal employment opportunity and to compliance with US laws and regulations.

To comply with government Equal Employment Opportunity / Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated.

Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Voluntary Self-Identification of Disability
Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 1/31/2020
Why are you being asked to complete this form?

Because we do business with the government, we must reach out to, hire, and provide equal opportunity to qualified people with disabilities.[i] To help us measure how well we are doing, we are asking you to tell us if you have a disability or if you ever had a disability. Completing this form is voluntary, but we hope that you will choose to fill it out. If you are applying for a job, any answer you give will be kept private and will not be used against you in any way.

If you already work for us, your answer will not be used against you in any way. Because a person may become disabled at any time, we are required to ask all of our employees to update their information every five years. You may voluntarily self-identify as having a disability on this form without fear of any punishment because you did not identify as having a disability earlier.

How do I know if I have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Blindness
  • Deafness
  • Cancer
  • Diabetes
  • Epilepsy
  • Autism
  • Cerebral palsy
  • HIV/AIDS
  • Schizophrenia
  • Muscular dystrophy
  • Bipolar disorder
  • Major depression
  • Multiple sclerosis (MS)
  • Missing limbs or partially missing limbs
  • Post-traumatic stress disorder (PTSD)
  • Obsessive compulsive disorder
  • Impairments requiring the use of a wheelchair
  • Intellectual disability (previously called mental retardation)
Reasonable Accommodation Notice

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.


[i] Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor's Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.


PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.