Cyber Security Assessor
MD, 21076, US
Full Time Mid-level / Intermediate Clearance required USD 125K - 135K
ASRC Federal
Achieving successful mission outcomes and elevated performance for federal civilian, defense and intelligence agencies, while building an enduring enterprise focused on customers, employees and shareholders.
ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™
ASRC Federal is actively hiring a Cyber Security Assessor in support of our DCSA program based out of Hanover Maryland.
This is primarily a Telework position with a requirement to be onsite up to one (1) day a week.
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefit packages. This position is offering a pay range of $125,000.00 - $135,000.00 depending on experience, seniority, geographic locations, and factors permitted by law. Benefits offered may include health care, dental, vision, life insurance; 401k; education assistance; paid time off including Paid Time Off, holidays and any other paid leave required by law.
Job Description:
ASRC Federal is seeking a Cyber Security Assessor, who will provide broad and in-depth knowledge to conduct offensive cyber operations across the organization. In this role, they will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective, and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques.
Minimum Requirements:
• At least two (2) years of experience in penetration testing or related cyber security role. May accept experience from related roles (e.g., IT security, network administration, or cybersecurity internships) with hands-on experience through capture the flag, bug bounties, or personal projects.
• Active Top-Secret Clearance REQUIRED, eligible to be upgraded to TS/SCI
• Associate’s degree in Cybersecurity, Information Systems, Computer Science, or related field. Equivalent Military experience will be considered.
• Certification(s):
◦ Candidates must meet DD8140/DoD8570 IAT Level II (or higher) baseline certification requirements at the time of hire. Acceptable certifications include at least one of the following:
• Cisco Certified Network Engineer Security (CCNA Security)
• CompTIA Security+ CE
• CompTIA Cybersecurity Analyst (CySA+)
• GIAC Security Essentials Certification (GSEC)
• Systems Security Certified Practitioner (SSCP)
◦ Addition desired certifications:
• Certified Ethical Hacker (CEH) Preferred
• CyberSec First Responder (CFR) Preferred
• Computer Hacking Forensic Investigator (CHFI) Preferred
• CompTIA Cloud+ Preferred
• Practical Network Penetration Tester (PNPT)
• Junior Penetration Tester – INE/OffSec (eJPT)
• Certified Professional Penetration Tester (eCPPT)
• Offensive Security Certified Professional (OSCP)
• Certified Red Team Professional (CRTP)
• GIAC Web Application Penetration Tester (GWAPT)
• GIAC Penetration Tester (GPEN)
• GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
Basic Qualifications:
Candidates should demonstrate expertise or strong foundational understanding in the following areas:
• Ability to plan and execute penetration tests and red team operations against enterprise systems, applications, and networks.
• Familiarity with adversary emulation, TTPs (Tactics, Techniques, and Procedures), and MITRE ATT&CK framework.
• Ability to identify, exploit, and document vulnerabilities in diverse environments, including cloud-based infrastructure.
• Proficiency with offensive security tools such as:
◦ Kali Linux, Burp Suite, Nmap, Metasploit, C2 Frameworks, Wireshark, Impacket, BloodHound, Responder
• Working knowledge of one or more scripting or automation languages (e.g., Python, PowerShell, Bash).
• Familiarity with Linux and Windows command line.
• Strong verbal and written communication skills for documenting findings and presenting to both technical and non-technical stakeholders.
• Ability to conduct post-exploitation activities and lateral movement simulations in safe and controlled environments.
• Understanding of defensive techniques and how to evade common detection tools (EDR, SIEM, IDS/IPS).
• Experience conducting threat modeling and advising on security architecture is a plus.
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.
EEO Statement
ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
ASRC Federal is actively hiring a Cyber Security Assessor in support of our DCSA program based out of Hanover Maryland.
This is primarily a Telework position with a requirement to be onsite up to one (1) day a week.
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefit packages. This position is offering a pay range of $125,000.00 - $135,000.00 depending on experience, seniority, geographic locations, and factors permitted by law. Benefits offered may include health care, dental, vision, life insurance; 401k; education assistance; paid time off including Paid Time Off, holidays and any other paid leave required by law.
Job Description:
ASRC Federal is seeking a Cyber Security Assessor, who will provide broad and in-depth knowledge to conduct offensive cyber operations across the organization. In this role, they will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective, and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques.
Minimum Requirements:
• At least two (2) years of experience in penetration testing or related cyber security role. May accept experience from related roles (e.g., IT security, network administration, or cybersecurity internships) with hands-on experience through capture the flag, bug bounties, or personal projects.
• Active Top-Secret Clearance REQUIRED, eligible to be upgraded to TS/SCI
• Associate’s degree in Cybersecurity, Information Systems, Computer Science, or related field. Equivalent Military experience will be considered.
• Certification(s):
◦ Candidates must meet DD8140/DoD8570 IAT Level II (or higher) baseline certification requirements at the time of hire. Acceptable certifications include at least one of the following:
• Cisco Certified Network Engineer Security (CCNA Security)
• CompTIA Security+ CE
• CompTIA Cybersecurity Analyst (CySA+)
• GIAC Security Essentials Certification (GSEC)
• Systems Security Certified Practitioner (SSCP)
◦ Addition desired certifications:
• Certified Ethical Hacker (CEH) Preferred
• CyberSec First Responder (CFR) Preferred
• Computer Hacking Forensic Investigator (CHFI) Preferred
• CompTIA Cloud+ Preferred
• Practical Network Penetration Tester (PNPT)
• Junior Penetration Tester – INE/OffSec (eJPT)
• Certified Professional Penetration Tester (eCPPT)
• Offensive Security Certified Professional (OSCP)
• Certified Red Team Professional (CRTP)
• GIAC Web Application Penetration Tester (GWAPT)
• GIAC Penetration Tester (GPEN)
• GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
Basic Qualifications:
Candidates should demonstrate expertise or strong foundational understanding in the following areas:
• Ability to plan and execute penetration tests and red team operations against enterprise systems, applications, and networks.
• Familiarity with adversary emulation, TTPs (Tactics, Techniques, and Procedures), and MITRE ATT&CK framework.
• Ability to identify, exploit, and document vulnerabilities in diverse environments, including cloud-based infrastructure.
• Proficiency with offensive security tools such as:
◦ Kali Linux, Burp Suite, Nmap, Metasploit, C2 Frameworks, Wireshark, Impacket, BloodHound, Responder
• Working knowledge of one or more scripting or automation languages (e.g., Python, PowerShell, Bash).
• Familiarity with Linux and Windows command line.
• Strong verbal and written communication skills for documenting findings and presenting to both technical and non-technical stakeholders.
• Ability to conduct post-exploitation activities and lateral movement simulations in safe and controlled environments.
• Understanding of defensive techniques and how to evade common detection tools (EDR, SIEM, IDS/IPS).
• Experience conducting threat modeling and advising on security architecture is a plus.
We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.
EEO Statement
ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
Job stats:
2
0
0
Tags: Automation Bash Burp Suite CEH CHFI Clearance Clearance Required Cloud CompTIA Computer Science CySA+ EDR Exploit GIAC GPEN GSEC GWAPT GXPN IDS IPS Kali Linux Metasploit MITRE ATT&CK Nmap OCO Offensive security OSCP Pentesting PowerShell Python Red team Scripting SIEM SSCP TS/SCI TTPs Vulnerabilities Windows
Perks/benefits: 401(k) matching Competitive pay Health care Insurance
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsSenior Cloud Security Engineer jobsSenior Cybersecurity Engineer jobsSenior Security Analyst jobsSystems Administrator jobsIT Security Analyst jobsCyber Security Specialist jobsSenior Information Security Analyst jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Information Security Engineer jobsSenior Product Security Engineer jobsSecurity Consultant jobsInformation Systems Security Engineer jobsSecurity Specialist jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsCybersecurity Specialist jobsCyber Threat Intelligence Analyst jobsSenior IT Auditor jobsSenior Software Engineer jobsSecurity Operations Analyst jobsNetwork Engineer jobs
EDR jobsCEH jobsTS/SCI jobsEncryption jobsJava jobsSplunk jobsThreat detection jobsSDLC jobsIDS jobsFinance jobsMalware jobsIPS jobsTerraform jobsRMF jobsTop Secret jobsSQL jobsForensics jobsDocker jobsSOC 2 jobsActive Directory jobsCompTIA jobsITIL jobsIntrusion detection jobsOWASP jobsClearance Required jobs