Desired Skills and Experience

  • Undergraduate degree and three (3) years of relevant experience
  • Technologist diploma or Professional technologist equivalency designation and four (4) years of relevant experience
  • Fields of study: Computer science, electrical, electronics, network security, telecommunications, or engineering
  • Experience in IT security including investigating security incidents and implementing associated corrective action
  • A minimum of one (1) year of Vulnerability Management Services performing vulnerability assessments and/or penetration testing.
  • Recent and significant experience in penetration testing using products such as, but not limited to Kali/Backtrack, Metasploit, NExpose, Nikto, SQLmap, and Veil-Framwork, and the customization of its scripts, exploits, and payloads.
  • Recent experience implementing and customizing technical security controls in recognized hardening frameworks such as, but not limited to CIS - Security Configuration Benchmarks and/or NIST - Security Technical Implementation Guides.
  • Recent and significant experience in running Vulnerability Management assessments using various tools and following industry standard practices.
  • Recent experience analyzing, designing, and/or implementing security controls in business applications and infrastructure systems in both Linux and Windows environments.
  • Experience in network security skills such as packet, vulnerability and exploit analysis. 
  • Information Security Certifications including:
  • Offensive Security Certified Professional/ Certified Expert (OSCP/OSCE; OffSec)
  • Global Information Assurance Certified Penetration Tester (GPEN; GIAC)
  • Certified Penetration Testing Consultant/Engineer (CPTC/CPTE; EC-Council)
  • Certified Penetration Tester/Certified Expert Penetration Tester (CPT/CEPT; IACRB)
  • NIST 800-115
  • ISECOM - Open Source Security Testing Methodology Manual
  • Bypassing System ASLR & NX/DEP (such as Return Oriented Programming / Code Reuse)
  • Heap Spraying (such as Management, Feng Shui & Heaplib) and Browser User-After-Free Conditions
  • EMET Protection (such as LoadLibrary, MemProt, Caller, SimExecFlow, StackPivot)
  • Code Poly/Metamorphism, Caves, Splitting, Packing, Obfuscation and/or Encryption
  • OWASP References and SQL Vulnerabilities
  • Assembly Language (x86/64), C, Python, Ruby, and/or SQL Language(s)
  • GCC & MinGW Compilers
  • Virtualization Technologies
  • Behavioral Flexibility
  • Initiative
  • Problem Solving
  • Analytical Skills
  • Collaboration
  • A written examination will be administered for the screening of candidates.  The exam will be used to assess candidates’ technical skills as it relates to the position.
  • For bilingual non-imperative positions, offers will be conditional upon meeting the linguistic requirements within two (2) years of appointment.
  • This position is designated CS; therefore, the employee may be eligible for a terminable allowance of 7% of the annual salary (4% at the underfill level).
  • Some relocation expenses may be reimbursed.

Apply