Hey, CGI Consulting is hiring! They are looking to hire a Penetration Tester for their office in Alexandria, VA. Looks like a pretty fun job. It only requires a Security+ so we don’t imagine this being too senior of a position. I would think you just have to know some of the items in the job description and then maybe learn the rest on the fly. Hopefully most of the job doesn’t involve just 7, 8, and 9. 🙂
And don’t forget … if you organization is interested in posting their career opportunities here, head on over to our Job Board page for all the details. Well anyway … on to the job post.
CDAP – Penetration Tester
CGI Federal is seeking a Computer Defense Assistance Program (CDAP) Penetration Tester, to join their team based out of Washington, DC.
The goal of Computer Defense Assistance Program (CDAP) is to prevent unauthorized access to Army computer systems by identifying points of unauthorized access, assessing depth and degree of potential compromise, and recommending methods, techniques, and configuration modifications needed to secure the system.
CDAP provides requesting individual units and activities with identification, verification, and assessment of system vulnerabilities. In addition, the program offers technical support to mitigate these vulnerabilities.
The Contractor Shall:
- Maintain a Penetration Testing Toolbox which requires researching software/hardware and conducting a vetting process that resembles the Army Certificate of Networthiness process.
- Maintain a lab environment to perform vulnerability research and analysis on exploits, conduct Army penetration testing tool vetting and perform as an operational penetration testing environment.
- Successfully complete the Army Penetration Testing Course for any Contractor not certified as an Army Network Penetration Testing Technician and provides sustainment of that certification.
- Create a Pentagon Security Testing Methodology. This methodology will be the accepted method for performing a through security test and serve as a benchmark for the CDAP personnel. The methodology will be applicable to penetration tests, ethical hacking, security assessments, vulnerability assessments, red-teaming, blue-teaming, posture assessments, war games, and security audits.
- Leverage and utilize the ITIL, ISO, NSA INFOSEC, and DOD Controls to establish a Pentagon IT Auditing methodology.
- Support enhanced compliance visits, by utilizing and IAW DODI 8500.2 Information Assurance Implementation.
- Conduct a blue team assessment for IT audit missions.
- Implement sound risk analysis and risk management practices and IAW DOD.
- Audit of Information Systems and utilize DODI 8500.2 as a guide for analyzing IA controls.
- Research and track vulnerabilities of operating systems, software applications, and network infrastructure. Develop procedures to identify vulnerabilities on ITA managed networks and recommend and/or implement techniques when required for mitigation.
- Map network infrastructure during each assessment, or as needed, using software tools to collect network data and create network diagrams for inclusion in trends and analysis reports for leadership and the customer. Research, recommend, and test vulnerability software and hardware products approved for purchase and use. If not approved, take appropriate steps for approval when required.
- Maintain a documented audit toolkit with all tools used to conduct the vulnerability assessment and analysis mission.
- Conduct wireless scanning (i.e., war driving) to detect unauthorized wireless access points connected to the Pentagon network backbone.
- Security + Certification
Interim Secret Clearance (Minimum)
About CGI Consulting
At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company – one that has grown to professionals located in 125 offices worldwide. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients – and for our members.
CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.
Follow-Up Contact Information
For additional information and to apply, head on over to its requisition.