CACI International Cyber Vulnerabilities Engineer in Reston, Virginia
CACI National and Cyber Solutions is currently looking for a motivated Cyber Vulnerabilities Engineer to provide penetration testing and technical security assessments of applications and infrastructure, security design reviews as well as risk assessments. This is a hands-on role supporting a dynamic and mission-focused customer, requiring technical skills from the hardware to the application layer. We approach our Customers as mission partners and you will have the opportunity to focus on assessing mission-oriented capabilities that deliver tip-of-the-spear force multiplying solutions. In short, we believe in our mission, our team, and our solutions!
More About the Role:
Conducts penetration testing and system function evaluations of software configurations and mobile applications
Coordinates, writes, and publishes software characterization reports in accordance with established guidelines
Conduct hands–on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments
Conduct scenario–based security testing or red teaming to identify gaps in detection and response capabilities of client networks, and develop comprehensive and accurate reports and presentations client.
Communicate findings and strategy to client stakeholders
Apply security testing and penetration testing techniques and mindset to a wide range of projects
Contributes significant technical documentation
You'll Bring These Qualifications:
Experience in software development, a solid knowledge of Kali LINUX testing framework, open web security protocols, and black box penetration testing
Proficient in multiple operating systems and Mobile Applications (e.g. Unix, Linux Debian and Fedora-based distributions, 8088-8086 Architecture, Assembly/Machine Language, OS-X, Windows x32 and x64, Java, Java Script, Chrome OS and internet packet routing, protocols and encryption)
Experience in encryption and obfuscation methods and proficiency with multiple programming languages (e.g. Java, Java Script, Python, C++)
Understanding of and interest in common web application vulnerabilities like XSS, CSRF, Command Injection, SQLi, single sign-on limitations, etc.
Proficient in any of the following: PowerShell Empire, Metasploit Framework, Cobalt Strike, Burp Suite, Canvas, Kali Linux, IPTables, Sysinternals, A/V evasion methodologies, Exploit Dev
Solid working experience and knowledge of Windows operating systems (incl. Active Directory), Linux operating systems; ESXi or similar; mobile platforms are a plus
Solid understanding of networking, TCP/IP, virtualization and cloud/data center architecture
Knowledge of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open source exfiltration techniques
Ability to write and review technical documentation
TS/SCI clearance with Polygraph is required
These Qualifications Would be Nice to Have:
Experience performing Red Team, Blue Team Operations
Certifications such as OSCP, OSCE, GPEN, GWAPT, GPEN, GXPN, CEH, CISSP
Malware analysis or digital computer forensics experience
Cyber related Law Enforcement or Counterintelligence experience
Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming is a plus
Existing Subject Matter Expert of Advanced Persistent Threats and Emerging Threats
Proactive interest in emerging technologies and techniques related to penetration testing
Willingness to travel overseas
Bachelor’s degree in a related technical discipline (i.e. computer science, engineering, mathematics, etc.)
What We Can Offer You:
We’ve been named a Best Place to Work by the Washington Post.
Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
We offer competitive benefits and learning and development opportunities.
We are mission-oriented and ever vigilant in aligning our solutions with the nation’s highest priorities.
For over 55 years, the principles of CACI’s unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.