Cyber Security Test Engineers
Cyber Security Test EngineersSTS
Website STS Technical Services
STS Technical Services is hiring Cyber Security Test Engineers in Fort Worth, Texas.
- Research and remain up to date with emerging threats and Threat Emulation methodologies.
- Develop and execute cybersecurity test procedures based on program test plans for future and existing aircraft architecture.
- Evaluate security test plans, perform threats, vulnerability analysis and subsequent testing/evaluation of aircraft systems.
- Emulation operations, Cyber Advanced Threat Emulation Team operations and research, identification, and verification of new APT TTPs.
- Generate threat intelligence indicators during Threat Emulation operations and apply/fine tune them across the aircraft architecture.
- Assist in the development of aircraft Supply Chain Risk Management Plan (SCRMP) in accordance the Key Practices and Implementation Guide for the DoD Comprehensive National Cybersecurity Initiative 11 Supply Chain Risk Management Pilot Program, SP 800-161 Supply Chain Risk Management.
- Direct the utilization of vulnerability scan tools, conduct in-depth analysis of the results against Standard Technical Implementation Guides (STIGs), develop remediation and mitigation plans, and create packages for the implementation of those plans.
- Ensure the planning and execution of Cybersecurity (DoD 8510.01) activities align, integrate with, and support our system acquisition process.
- Support Program Management Office in POA&M development, tracking, and resolution.
- Coordinate with the Integrated Program Team managers to ensure issues affecting the product overall security are addressed appropriately and seamlessly with system lifecycle processes.
- A minimum of 5 years of experience with assessing APT threats, Penetration Testing, Vulnerability Management, attack methodologies, forensics analysis techniques, malware analysis, attack surface comprehension, Cyber Threats.
- At least 2 years of experience with developing and validating systems IAW DIACAP, RMF, and/or NIST 800-53 is preferred.
- An Active Secret Clearance is preferred.
- Experience developing and implementing custom exploits and exploitation tools in support of authorized penetration tests or cyber threat emulation exercises.
- Knowledge in bus analysis and testing of traditional IP based architectures to include 802.1, 802.11 and 802.3
- Knowledge in bus analysis and testing of non-traditional architectures such as ARINC 429, MIL-STD-1553, and CANBus.
- Experience in adversarial penetration testing. <br> • Experience with STIG application, testing, and compliance tools.
- One or more certifications for Analysts / Testers: GCIA, GCED, GCFE, GCTI, GNFA, GCIH, CND, ECSA, OSCP, OSEE, OSCE, GCFA, GREM, CHFI, CEH, GPEN, GWAPT, GISF, GXPN
- Experience with any three of the seven tools listed below: Kali Linux, Metasploit, Burp suite, Cobalt Strike, Tenable Nessus, Web Inspect, Scuba, Appdetective.
- Bachelor’s Degree is required.
- Major in Information Technology, Information Assurance, Computer Engineering, Computer Science, or Electronic Engineering is preferred.
- Engineering majors, with applicable experience, also acceptable.
- Experience with analyzing deceptive technologies such as honeynets.
- Expertise in policies, industry trends, techniques related to penetration testing.
- Familiarity with NIST and FISMA compliance.
About STS Technical Services:
STS Technical Services is a Top 100 Staffing Firm that’s partnered with some of the largest names in the aerospace, manufacturing, defense and industrial industries.
Our professional recruitment teams put talented individuals to work at client locations all over the world, and we have hundreds of exciting career opportunities for you to explore!
If you want to speak to a Recruiting Professional directly, call 1-800-359-4787.
STS Technical Services is an equal opportunity employer.