Apply Now

Senior Systems Security Specialist

Baltimore, MD, US • Posted 1 hour ago • Updated 1 hour ago

Contract W2

Contract Independent

Contract Corp To Corp

On-site

CCS Global Tech

Fitment

Dice Job Match Score™

🔢 Crunching numbers...

Job Details

Skills

System Security
UI
Information Technology
Microsoft
Tier 1
Recruiting
Training
Partnership
Communication
Operating Systems
Manual Testing
Authentication
Management
Access Control
ROOT
Leadership
Collaboration
DevOps
Security Architecture
Test Methods
Regulatory Compliance
Continuous Improvement
Change Control
PMO
Network
Web Applications
API QA
Threat Modeling
Incident Management
Penetration Testing
Metasploit
Burp Suite
Nmap
Wireshark
Nessus
Software Security
Network Design
Identity Management
Scripting
Python
C
C++
Windows PowerShell
Bash
NIST 800-53
OWASP
Mapping
Security Controls
OSCP
GPEN
Certified Ethical Hacker
Cyber Security
Emulation
Social Engineering
Cloud Computing
Amazon Web Services
Microsoft Azure
Docker
Kubernetes
Testing
Continuous Integration
Continuous Delivery
Software Development
Assembly
Embedded Systems
Java
FedRAMP
FISMA
Oracle Linux

Summary

CCS Global Tech is a rapidly growing Information Technology company with a diverse portfolio of technology products and services and a large network of industry partnerships. With over 22 years of being a successful business with a global talent pool and presence, CCS is a certified Microsoft Gold Partner and specializes in delivering expert Microsoft based solutions for technical and business needs. We have been recognized by Inc. 500 Magazine as one of the fastest growing small companies in the Unites States.

we are a Tier 1 vendor for the City and County of San Francisco for Cloud Services, Staffing Services and Training Services. For this multi-year opportunity with a diverse set of needs to address, we are currently focusing on establishing partnerships with individuals as well as companies who can help us enhance our overall service portfolio, cut lead times, and ultimately help us deliver successfully. We currently hold sizable Government accounts in the San Francisco bay area including City and County of San Francisco, San Mateo County, and Santa Clara County.

We take great pride in our global reach and local influence. Your experience alongside our highly skilled and talented internal team who guide you along the way, offers key insights into what helps you stand out in a competitive job market.

If you are a partner company, please submit resumes with contact information of your own W2 Consultants only. Submitted consultants are expected to have excellent communication skills.

Roles/Responsibilities:

Conduct internal and external penetration testing of networks, web applications, APIs, and cloud environments to identify security vulnerabilities and exploit paths.
Perform red team engagements simulating real-world adversary tactics, techniques, and procedures (TTPs) aligned with MITRE ATT&CK.
Execute vulnerability assessments and validate remediation efforts through retesting and technical verification.
Develop comprehensive penetration testing reports, including executive summaries, risk ratings, proof-of-concept evidence, and actionable remediation guidance.
Perform threat modeling and attack surface analysis to identify high-risk exposure areas and privilege escalation pathways.
Conduct secure configuration reviews of operating systems, network infrastructure, cloud platforms, and identity systems.
Evaluate application security through dynamic and manual testing techniques, including authentication, session management, input validation, and access control testing.
Review source code for security weaknesses and secure coding gaps, particularly in C/C++, Python, Java, or similar languages.
Develop and maintain custom scripts or tooling to automate testing activities and enhance offensive security capabilities.
Support incident response activities by recreating attack chains, validating compromise scenarios, and identifying root causes.
Assess Zero Trust implementations, micro-segmentation strategies, and identity-based security controls for effectiveness.
Conduct phishing simulations and social engineering exercises to evaluate user awareness and organizational resilience.
Provide technical briefings to executive leadership and technical stakeholders regarding risk posture and remediation prioritization.
Collaborate with engineering, DevOps, and infrastructure teams to remediate identified vulnerabilities and strengthen security architecture.
Contribute to the development of security policies, testing methodologies, and enterprise security standards.
Support compliance efforts by mapping testing results to NIST, OWASP, CIS, or other applicable security frameworks.
Participate in continuous improvement of penetration testing methodologies, tools, and adversary emulation strategies.
Adhere to all security, change control, and MHBE Project Management Office (PMO) policies, processes, and methodologies.

Mandatory Skills:

A Minimum eight (8) years of progressive experience in cybersecurity
A minimum of five (5) years performing penetration testing or red team engagements.
A minimum of five (5) years conducting network penetration testing, web application and API testing, internal and external vulnerability assessments and threat modeling and attack path analysis
A minimum of five (5) years developing and delivering formal penetration test reports, including executive summaries and technical remediation guidance.
A minimum of five (5) years supporting incident response investigations and validation testing.
A minimum of five (5) years with common penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Wireshark, Nessus, etc.).
Strong knowledge of Secure coding practices, Application security testing (SAST/DAST concepts), Network architecture and segmentation and Identity and access management concepts
A minimum of five (5) years of demonstrated scripting or development ability in at least one language (e.g., Python, C/C++, PowerShell, Bash).
A minimum of five (5) years of working with NIST Cybersecurity Framework, NIST 800-53 or similar federal control frameworks, MITRE ATT&CK and OWASP Top 10
A minimum of five (5) years of experience mapping findings to security control frameworks.
At least one recognized offensive security certification (e.g., OSCP, GPEN, GXPN, CEH, or major experience can substitute for certification).
Demonstrated ability to communicate technical findings to executive and non-technical audiences and provide actionable remediation recommendations.
Demonstrated experience working in government or highly regulated environments.

Desirable Skills:

A Minimum ten (10) years of progressive experience in cybersecurity
A minimum of eight (8) years of experience in Advanced Offensive Security:
1. Experience leading red team engagements.
2. Experience performing adversary emulation exercises.
3. Experience conducting phishing and social engineering simulations.
4. Experience performing purple team exercises.
A minimum of five (5) years of experience in Zero Trust & Architecture:
1. Experience designing or assessing Zero Trust implementations.
2. Experience evaluating micro-segmentation strategies and identity-centric controls.
A minimum of five (5) years of experience in Cloud & Modern Infrastructure:
1. Experience performing security assessments in AWS or Azure environments, Containerized environments (Docker/Kubernetes) and Infrastructure-as-Code deployments
2. Experience testing CI/CD pipelines.
A minimum of ten (10) years of experience in Software Development Depth:
1. Strong low-level development knowledge (kernel, assembly, embedded systems) that supports advanced exploit analysis.
2. Experience reviewing source code in JAVA or other compiled languages for vulnerabilities.
A minimum of ten (10) years of experience in Government in the following:
1. Experience supporting federal or state government security programs.
2. Familiarity with FedRAMP, FISMA, or IRS Pub 1075 environments.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10290999
Position Id: 2026-7340
Posted 1 hour ago

Company Info

About CCS Global Tech

Headquartered in Poway, California and eight international offices, CCS Global Tech is a Certified Minority Business Enterprise (MBE) and a leading provider of enterprise solutions. We provide solutions that cover the full business spectrum from application development, data warehouse software, real time data warehousing, business analysis software, and web-based application development. Our clients span the globe and benefit from our comprehensive support capabilities.

Our tools and technical expertise have repetitively proven to reduce the time and costs associated with software and custom solution development. CCS Global Tech begins each project with quality analysis and business due diligence in order to deliver quality solutions for our clients. Our team of international talent asks critical questions that illuminate the fine details of the project scope. Once we have a clear and comprehensive view of the objectives sought, we set to work to bring your vision to life.

We have a complementary matrix of skills and talents across multiple platforms that allow us to identify, target and bridge technical gaps. Regardless of the size and scope of your business application, data warehouse initiative, or enterprise-wide project, our team supports service, technical capabilities and cost effective solutions that are unmatched by our competition. We focus on delivering state-of-the-art technology, application development, warehousing and support to our clients. With the scope and flexibility to optimize development schedules and products to fit any budget requirements, CCS Global Tech is aptly positioned to not only meet unique, strategic IT objectives of diverse organization, but also complement organizational goals.