MUST BE US CITIZEN
MUST POSSESS ACTIVE TS/SCI with FSP
TMG is the proud recipient of the Employer Support of Guard and Reservists by the SECDEF.
TMG is an Equal Opportunity Employer
US Veterans Preferred
The Sponsor requires a Cyber Security expert to perform and support penetration testing activities to target, assess, exploit, and report risks and vulnerabilities of information systems. The intent is to provide senior decision makers with actionable data to make strategic investment decisions.
The Contractor shall document all identified system risks, planned test procedures taken, and test results. The Contractor shall perform analyses of vulnerabilities identified during testing. The Contractor shall review program-level documentation (e.g., requirements specification, system architecture, design documents, test plans, security plans, etc.). The Contractor shall recommend changes to program-level documentation with an eye to reducing system vulnerabilities.
The Contractor shall create and document penetration testing plans and procedures. The Contractor shall use approved penetration testing plans and procedures to conduct hands-on penetration testing. The Contractor shall analyze test results, document risks, and recommend countermeasures to uncovered risks.
The Contractor shall research, evaluate, and develop Information Security policies and guidance. The Contractor shall participate in or lead technical exchange meetings and application review boards. The Contractor shall document action items and results from technical exchange meetings and application review boards. The Contractor shall brief management on the status of action items and/or results of activities.
**All mandatory skills must be reflected with proposed candidate's experience to be submitted for consideration**
1. Demonstrated work experience in cyber security or related IT field
2. Demonstrated experience with cyber penetration testing
3. Demonstrated experience applying computer attack methods and system exploitation techniques
4. Demonstrated working knowledge of cyber security principles for Linux, Windows and virtual platforms
5. Demonstrated experience designing, testing, or implementing IT security architecture
6. Demonstrated experience performing network security analysis
7. Demonstrated experience analyzing network architectures
8. Demonstrated experience using network management tools
9. Demonstrated experience creating cyber security test plans
10. Demonstrated experience leveraging adversarial tactics to conduct hands-on security testing
11. Demonstrated experience developing risk management methodologies
12. Demonstrated experience analyzing test results to develop risk/threat mitigation plans
13. Demonstrated experience testing or reviewing system configuration, development, and design specifically around enterprise systems and hypervisors
14. Demonstrated experience designing, testing, or implementing complex Windows installations
1. Demonstrated experience participating in public and private information security groups and organizations
2. Demonstrated experience communicating vulnerability results and risk posture to senior executives
3. Demonstrated experience researching, evaluating, and developing security policies and guidance
4. Demonstrated experience performing complex technical tasks with minimal direction
5. A Bachelor's degree in Computer Science, Information Systems, Engineering, or other related scientific or technical discipline
6. One or more of the relevant certifications: Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Global Information Assurance Certification Penetration Tester (GPEN)