Associate Penetration Tester

What We Do:

At the SEI CERT Cyber Risk and Resilience Directorate, we enable organizations to achieve operational resilience by performing research in emerging areas of operational risk, producing measurement and assessment tools that help organizations better understand their current risk and resilience posture, and developing and validating models, frameworks, and controls that improve organizations’ risk and resilience posture. Our Applied Network Defense team leads and advances the state of the art in technical cybersecurity assessment methodologies, including penetration testing and red-teaming.

Are you creative, curious, energetic, collaborative, technology-focused, and hard-working? Are you interested in making a difference by developing innovative solutions to technical cybersecurity assessment challenges for government organizations and beyond? Apply to join our team.
 

Position Summary:

In this role, you will join the Applied Network Defense team as an associate penetration testing engineer. You will contribute to penetration tests and other technical security assessments, develop and evaluate novel security testing capabilities and methodologies, and transition your knowledge and expertise to the broader community.
 

Requirements:

• Education and Experience: BS or equivalent degree in computer science or related technical field with 3 years of applicable experience (in roles such as penetration tester, information security engineer, network security architect, information systems auditor, or information systems analyst), or a MS or equivalent degree in a relevant discipline with 1 year of applicable experience, or a PhD or equivalent degree in a relevant discipline. Certifications that demonstrate your experience and capabilities as a penetration tester (e.g., OSCP, PJPT, PenTest+) are preferred.
• Contributing to Projects in a Creative, Dynamic Environment: You have experience contributing to multiple simultaneous projects and thrive in a creative and high-energy environment. You are willing to experiment with new practices and develop effective processes, practices, and infrastructure to support successful people and projects.
• Technical Expertise: Candidates must have broad knowledge of technical cybersecurity assessment methods and related domains. This includes work experience related to penetration testing, red teaming, and technical audits.
• Travel: Frequent (15-35%) to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings.
• Security Clearance: You will be subject to a background investigation and must be able to obtain and maintain a United States Department of Defense security clearance.

Duties:

• Task Execution and Customer Engagement (80%): You will contribute to research projects designed to advance the state of the art in technical cybersecurity assessments. You will represent the SEI regularly presenting our mission and our work to our stakeholders.
• Community Engagement (15%): You will engage with our communities of interest; this includes presenting our mission and work via publication and presentation. You will build and maintain relationships with the relevant research and technology communities.
• Professional Development (5%): You will continue to grow your knowledge and skills and stay up to date on emerging trends and topics relevant to the team’s portfolio.

Knowledge, Skills, and Abilities:

• Communication: You are an outstanding communicator and can interact collaboratively and diplomatically with customers and colleagues at all levels of knowledge and experience. You grasp the big picture, direction, and goals of an effort with ability to dig into the details on problems and technical concepts and provide clear direction. You can present complex ideas to people who may not have a deep understanding of the subject area.
• Dedication and Motivation: You can meet deadlines while multi-tasking–sometimes under pressure and with shifting priorities. You are self-motivated and can work toward a common vision with little oversight.
• Creativity and Innovation: You are creative and curious, and you are passionate about the prospect of collaborating with world-class researchers and visionaries at Carnegie Mellon University and other innovation-focused organizations.
• Knowledge and Learning: You possess broad technical interests along with a deep knowledge of penetration testing. You quickly learn new procedures, techniques, and approaches. You are forward-looking and can connect research with practical challenges. You are proactive regarding identifying new opportunities for professional development, and excited to apply an annual professional development budget to your continued knowledge and learning.

Location

Arlington, VA, Pittsburgh, PA

Job Function

Software/Applications Development/Engineering

Position Type

Staff – Regular

Full time/Part time

Full time

Pay Basis

Salary

More Information: 

• Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world. 

• Click here to view a listing of employee benefits

• Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran. 

• Statement of Assurance