Responsibilities
- Execute in-depth penetration tests across hardware, software, and network infrastructure
- Carry out advanced vulnerability scans and evaluations on all system components
- Assess cybersecurity posture to detect flaws affecting data confidentiality, integrity, or availability
- Examine software, firmware, hardware, and radio frequency elements within systems
- Evaluate the potential impact and effort required to exploit discovered vulnerabilities, including high-level guidance for remediation
- Create and deploy exploits and proof-of-concept attacks to illustrate vulnerability consequences
- Reverse engineer firmware and embedded systems to uncover security flaws
- Evaluate the robustness of secure boot mechanisms and Trusted Execution Environments
- Conduct security assessments of web applications, emphasizing OWASP Top Ten risks and API vulnerabilities
- Manually verify identified vulnerabilities and assess their exploitability and risk level
- Perform security testing on wireless and RF technologies, including Wi-Fi, Bluetooth, and Zigbee
- Use Software Defined Radio for reverse engineering communication protocols and security testing
- Document and report detailed findings with clear, actionable recommendations to improve security
- Plan and conduct end-to-end assessments spanning multiple domains, including network penetration and social engineering simulations
Work Arrangement
Hybrid — DC Metro area
Other
- U.S. citizenship is required
- An active security clearance at the Secret level or higher is mandatory
- Employment eligibility verification is required at the time of hire
- The organization is an Equal Employment Opportunity and Affirmative Action employer, supporting minorities, women, veterans, disabled individuals, and other protected groups