Base-2 Solutions is seeking an experienced Cyber Hunt Specialist that will perform multidiscipline penetration testing of customer systems and global networks, rapid development of domain or problem-specific tools that leverage identified vulnerabilities, and research on the latest exploitation techniques and threat vectors in support of authorized missions and test events.

Qualifications

• Experience performing web application security assessments.
• Experience with TCP/IP protocols as it relates to network security.
• Experience with offensive tool sets including Kali Linux, Metasploit, CobaltStrike, Intercepting Proxies, etc.
• Experience in using network protocol analyzers and sniffers, as well as ability to decipher packet captures.
• Capable of conducting penetration tests on applications, systems and network utilizing proven/formal processes and industry standards.
• Perform penetration tests on computer systems, networks, and applications.
• Create new testing methods to identify vulnerabilities.
• Perform physical security assessments of systems, servers, and other network devices to identify areas that require physical protection.
• Pinpoint methods and entry points an attacker may use to exploit vulnerabilities or weaknesses.
• Search for weaknesses in common software, web applications and proprietary systems.
• Research, evaluate, document, and discuss findings with IT teams and management.
• Review and provide feedback for information security fixes.
• Establish improvements for existing security services, including hardware, software, policies, and procedures.
• Identify areas where improvement is needed in security education and awareness for users.
• Be sensitive to corporate considerations when performing testing (i.e., minimize downtime and loss of employee productivity)
• Knowledgeable on the latest malware and security threats.
• In depth understanding of emerging threats, vulnerabilities, and exploits.

Desired Skills

• Knowledge of federal policies, regulations, and standards
  • CISA Cloud Security Technical Reference Architecture
  • CISA Zero Trust Maturity Model
  • DoD Zero Trust Reference Architecture
  • M-22-09 Federal Zero Trust Strategy
  • National Security Systems Zero Trust Reference Architecture
  • NIST CSWP Planning for a Zero Trust Architecture - A Starting Guide for Administrators
  • NIST SP 800-207 Zero Trust Architecture

Education and Experience

• HS/GED + 14 years
• Associates Degree + 12 years
• Bachelor’s Degree + 10 years
• Master’s Degree + 8 years
• PhD + 6 years

Required Certifications

• 8750 Cert
• Pen Testing Cert such as Offensive Security Certified Professional (OSCP), CEH, Pentest+, or GPEN

Required Clearance

• Active TS w/ SCI eligibility

Desired Clearance

• Active poly