Job Description
ECS is seeking a Breach and Attack Simulation Analyst to work in Windsor Mill office.
Position Responsibilities:
Perform Penetration testing
Develop and recommend mitigation strategies to enhance the defense mechanisms of critical infrastructure components
Collaborate with IT and security teams to refine security measures and response strategies.
Prepare detailed reports on findings from simulations and suggest improvements.
Facilitate training sessions for internal teams on security awareness and breach response tactics.
Salary Range: $136,614.00 - $166,973.00
General Description of Benefits: Benefits Link
Required Skills
Job Requirements:
7+ years of IT experience to include 4+ years of experience in either information security, development, or system/network administration.
Demonstrated experience in developing and deploying tactics to penetrate or circumvent modern security defenses such as AV and EDR technologies.
Bachelor's degree in an IT related field or equivalent education or work experience.
Develop subject matter expertise of focused capabilities in the topics of network security, database security, wireless security, or application and development security.
Perform IT security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities.
Simulate internal lateral movement activities observed in successful attacks from known adversaries.
Design and execute breach and attack simulations to identify vulnerabilities in network infrastructures, applications, and operating systems.
Self-motivated and able to work in an independent manner.
(SF-85 and SF-86 submission required)
Certifications/Licenses:
Offensive Security Certifications (OSCP, OSCE, etc.)
GIAC Certifications (GPEN, GWAPT, GXPN, etc.)
Technology Specific Certifications (MCSE, LPIC, CCNA, etc.)
Desired Skills
Additional Experience Preferred:
Familiarity with penetration testing tools and tool suites such as Burp Suite Pro, Kali Linux, Nmap, Metasploit, Nessus, tcpdump, Wireshark, Nikto, etc.
Experience looking for security issues such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
Expertise in at least one related functional area (network security, reverse engineering, programming, databases, mainframes, web applications, etc.
Understanding of security operations center (SOC) environments and incident handling procedures.
Ability to leverage threat intelligence to inform simulation scenarios and enhance security posture.
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 10112MAN
- Position Id: 3410
- Posted 5 hours ago
Never miss an opportunity! Create an alert based on the job you applied for.