We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results

Cyber Security Analyst

Ampcus, Inc
United States, Virginia, Chantilly
14900 Conference Center Drive (Show on map)
Dec 27, 2024
Ampcus Cyber Inc, a leading global pioneer in Cybersecurity committed to securing businesses against evolving cyber threats, headquartered in Chantilly, VA is looking for a Cybersecurity Specialist to join our Team working from our Corporate Chantilly office.

Job Responsibilities:

  • Perform recon on applications and networks
  • Perform penetration testing and system exploitation against desktops, servers, applications, operating systems, and security systems to gain root and administrator access for highly specialized network systems
  • Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies
  • Perform reconnaissance, privilege escalation persistence, lateral movement, and payload generation against information systems
  • Analyze vulnerabilities, delivering clear and coherent written reporting, identifying network risks, and providing mitigation recommendations
  • Conduct penetration and malicious user testing in Cloud environments, including Amazon Web Services (AWS), Azure, and on-premise systems
  • Translate systems and applications into security test plans, performing hands-on security testing and leveraging adversarial tactics
  • Must be able to use at least two of the following proficiently and instruct others on them: Nessus, Burp, Metasploit, and the Social Engineering Toolkit.
  • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption
  • Ability to assist with researching and evaluating security policies and guidance
  • Ability to train other team members on security concepts
  • Excellent communication skills


Required Skills

  • 4-5 years of experience in related field
  • Demonstrated real-world experience performing grey and black box penetration testing.
  • Must be proficient in exploiting common web application vulnerabilities like XSS, CSRF, Command Injection, SQLi, single sign-on bypass, etc.
  • Must be proficient in any of the following: PowerShell Empire, Metasploit Framework, Cobalt Strike, Burp Suite, Canvas, Kali Linux, A/V evasion methodologies, Exploit Dev.
  • Must have solid working experience and knowledge of Windows operating systems (incl. Active Directory), Linux operating systems; VMware ESXi or similar; mobile platforms are a plus.
  • Solid understanding of networking, TCP/IP, virtualization and cloud architecture.
  • Strong familiarity with some of the following: OWASP top 10, DoD and NSA Vulnerability and Penetration Testing Standards.
  • Knowledge of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open-source exfiltration techniques.
  • Experience with Linux, Windows, wireless, and virtual platforms
  • Knowledge of information security policies and guidance
  • Proactive interest in emerging technologies and techniques related to penetration testing


Preferred Skills and Qualifications

  • Experience with IOT device is a plus
  • Certifications such as CEH or OSCP
  • Malware analysis or digital computer forensics experience is a plus
  • Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming is a plus



Applied = 0

(web-86f5d9bb6b-f242k)