*Staff Penetration Testing Lead/Coordinator – RITS

Requisition ID: 20030804

  • Category IconCategory: Information Technology
  • Location IconLocation: Vicksburg
  • Citizenship IconUS Citizenship Required for this Position: Yes
  • Clearance IconClearance Type: Top Secret
  • Telecommute IconTelecommute: Yes – May Consider Full Time Teleworking for this position
  • Shift IconShift: 1st Shift
  • Travel IconTravel Required: Yes, 25 % of the Time
  • Positions IconPositions Available: 1

Discover careers that change the world and further advancements in defense, technology, and engineering today at
Northrop Grumman. Use your experience to grow your career and support our global customers with the technology,
systems, and solutions they need to enable their missions on the front lines and secure our world every day. With
Northrop Grumman, you’ll discover a culture built on diversity, respect, and above all teamwork. Together with our group of experts across the technical spectrum, you’ll discover opportunities to make a difference in our world and start solving some of the world’s most critical problems in the most innovative ways.
Northrop Grumman Defense Systems is seeking a Staff Penetration Testing Lead/Coordinator to support the
Revolutionary IT Services program at the US Army Corps of Engineers (USACE) in the following location: Vicksburg MS    In this position, you will:
  • Conduct network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques.
  • Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access.
  • Evaluate system security configurations.
  • Evaluate findings and performs root cause analysis.
  • Perform analysis of complex software systems to determine both functionality and intent of software systems.
  • Resolve highly complex malware and intrusion issues.
  • Contribute to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations.
  • May prepare and presents technical reports and briefings. May perform documentation, vetting and weaponization of identified vulnerabilities for operational use.

Basic Qualifications:
  • Bachelor's degree and a minimum of 14 years related experience OR Masters degree and a minimum of 12 years experience.  May consider an additional 4 years of related work experience in lieu of degree.
  • Experience exploiting vulnerabilities in computer systems, networks and applications
  • Experience writing scripts and exploit code
  • Experience discovering new vulnerabilities in hardware, software and operating systems
  • Extensive technical computer/network knowledge and understanding of computer hardware, software, networks, communications and connectivity
  • Proficiency in both Linux/Unix and Windows operating systems
  • Experience using scan/attack/assess tools and techniques, including proficiency in at least some of the more popular exploit frameworks as well as researching proof of concept code and adopting that code for custom environments and assessments.
  • Experience conducting fullscope assessments and penetration tests including:  social engineering, server and clientside attacks, protocol subversion, physical access restrictions, web application exploitation, and external command and control 
  • Proficiency in common programming languages such as C, C++, C#, Python, Ruby, Perl, Bourne/Bash, Powershell, Visual Basic, VBScript, PHP, Javascript, HTML
  • Demonstrated experience in technical report writing
  • Active Top Secret clearance.  US citizenship required.
  • Ability to obtain/maintain a TS/SCI w/poly security clearance

Preferred Qualifications:
  • Active TS/SCI w/poly security clearance
  • Active technical certifications that support penetration testing such as OSCP/OSCE, GPEN/GXPN, etc. 
  • In-depth understanding of layer 27 communication protocols, common encoding and encryption schemes and algorithms
  • Experience countering Advanced Persistent Threat (APT) type threats to large enterprises (USG or commercial) familiarity with techniques and tools employed
  • Previous software development to support penetration testing including vuln dev, tool creation or modification, covert tunneling, scanning scripts, passive collection, reverse engineering,  binary analysis, source code analysis, etc.
  • Prior experience with NGC network architecture, IT Solutions and Information Security
  • Understanding of and experience either executing or defending against complex, targeted cyber threats to highvalue systems and data.
  • Familiarity with NIST Risk Management Framework
  • Familiarity with OSSTMM 3, NIST SP80015, Penetration Testing Framework

Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions.

Apply Now
Apply Now

What's great about
Northrop Grumman

  1. Be part of a culture that thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work.
  2. Use your skills to build and deliver innovative tech solutions that protect the world and shape a better future.
  3. Enjoy benefits like work-life balance, education assistance and paid time off.

Did you know?

We offer an array of benefits to give you the support you need, including matching 401K, tuition assistance, health insurance and wellness options, coaching, mentoring and more.