Millennium Corporation

Penetration Tester

Job Locations US-SC-Charleston
Posted Date 5 days ago(5/20/2022 3:34 PM)
Job ID
2022-2193

Overview

For nearly two decades, Millennium Corporation has been operating on the leading edge of cybersecurity. Our elite team of more than 400 experts has an unparalleled record of performance supporting Red Team Operations, Defensive Cyber Operations, Software Engineering, and Technical Engineering. With the largest contingent of contracted Red Team operators in the DoD, we provide an unmatched level of threat intelligence and battle-tested experience for customers in both the DoD and federal civilian markets.

What We Believe

We believe that diversity is a fact, inclusion is a choice.  At Millennium Corporation, we are inclusive. We celebrate multiple approaches and different points of view. We strongly believe that diversity drives innovation, and we are building a culture where differences are valued. We are always growing our programs and we offer tools to help our employees grow and manage their careers.

 

Millennium is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. Millennium promotes affirmative action for women, minorities, disabled persons, LGBTQ+ and veterans.

Responsibilities

Millennium Corporation is hiring a Penetration Tester in Charleston, SC. Candidate must have an active Top Secret Clearance and be eligible to obtain an SCI. 

 

The Penetration Tester will conduct multiple-disciple penetration tests of global customer networks, rapid development of domain or problem-specific tools that leverage identified vulnerabilities, research on the latest exploitation techniques and threat vectors, and design and configuration of representative test environments.  Candidate must support various training events, conferences, exercises, and demonstrations to ensure continued compliance with team member certification requirements to enhance technical capabilities, and to support authorized missions and test events.

Specific Requirements/Job Description: 

  • Experience with at least one of the following scripting languages (PowerShell, Bash, Python, Ruby, Node.js)
  • Experience performing web application security assessments
  • Experience with TCP/IP protocols as it relates to network security
  • Experience with offensive tool sets including Kali Linux, Metasploit, CobaltStrike, Intercepting Proxies, etc.
  • Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures
  • Capable of conducting penetration tests on applications, systems and network utilizing proven/formal processes and industry standards.
  • Perform penetration tests on computer systems, networks, and applications
  • Create new testing methods to identify vulnerabilities
  • Perform physical security assessments of systems, servers, and other network devices to identify areas that require physical protection
  • Pinpoint methods and entry points that attacker may use to exploit vulnerabilities or weaknesses
  • Search for weaknesses in common software, web applications and proprietary systems
  • Research, evaluate, document, and discuss findings with IT teams and management
  • Review and provide feedback for information security fixes
  • Establish improvements for existing security services, including hardware, software, policies, and procedures
  • Identify areas where improvement is needed in security education and awareness for users
  • Be sensitive to corporate considerations when performing testing (i.e., minimize downtime and loss of employee productivity)
  • Stay updated on the latest malware and security threats
  • In depth understanding of emerging threats, vulnerabilities, and exploits.

Qualifications

  • Candidate must have an active Top-Secret Clearance and be eligible to obtain an SCI
  • Bachelor's degree and 12 years of experience
  • SPECIALIZED experience in Computer Network Attack (CNA), Computer Network Exploitation (CNE), Computer Network Defense (CND), and penetration testing
  • Ability to develop tools and scripts independently and rapidly from concept to production in a high-stress, short deadline, under-resourced environment using multiple programming languages
  • Maintain minimum required professional certifications to meet DoD 8570 requirements (Sec+), to include CEH, CISSP, GPEN, OSCP, or ability to obtain within 6 months of hire
  • Experience with at least one of the following scripting languages (PowerShell, Bash, Python, Ruby, Node.js)

Business Development

Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.

Physical Requirements

  • Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
  • Must be able to lift up to 10-15 pounds at a time.

Travel Requirements

Up to 25% travel required 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed