HVA Operations Personnel (Operator) (15.27)
OCT Consulting is a business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology.
The HVA Operations Personnel (Operator) serves as the penetration testing specialist for NT1 HVA Assessments, responsible for conducting technical security testing, vulnerability identification, and providing detailed technical findings to support the overall assessment process.

EXPERIENCE REQUIREMENTS

• Minimum 3+ years of hands-on penetration testing experience in enterprise environments
• 2+ years of experience with federal cybersecurity assessments and compliance requirements
• Demonstrated experience with NIST security controls and information assurance frameworks
• Experience supporting High Value Asset assessments or similar critical infrastructure security evaluations

TECHNICAL SKILLS AND EXPERTISE

• Advanced penetration testing skills with proven track record of successful security assessments
• Expertise in network security assessment, vulnerability identification, and exploit techniques
• Proficiency with industry-standard penetration testing tools and frameworks
• Knowledge of common attack vectors, security vulnerabilities, and defensive countermeasures
• Understanding of network protocols, system architectures, and security technologies
• Experience with both automated scanning tools and manual testing techniques

SECURITY KNOWLEDGE

• Comprehensive understanding of NIST Cybersecurity Framework (CSF)
• Knowledge of Federal Information Security Modernization Act (FISMA) requirements
• Understanding of High Value Asset security requirements and assessment methodologies
• Familiarity with DHS CISA assessment standards and procedures
• Knowledge of information assurance and cybersecurity best practices

ADDITIONAL QUALIFICATIONS

• Strong analytical and problem-solving skills
• Excellent attention to detail and documentation abilities
• Ability to work independently and as part of a multidisciplinary team
• Effective written and oral communication skills for technical reporting
• Ability to explain complex technical findings to non-technical stakeholders
• Strong ethical standards and understanding of responsible disclosure practices

PRE-EMPLOYMENT REQUIREMENTS

• All personnel must have existing prerequisite experience and credentials prior to onboarding
• Government will not bear expense of training to gain required certifications or experience
• Key personnel cannot begin work until Contracting Officer/COR provides written approval of resumes
• Must provide 30-day advance written notification before removing key personnel from the task

• Penetration Testing: Lead and execute the Penetration Test phase of NT1 HVA Assessments
• Rules of Engagement Compliance: Interpret and strictly follow applicable rules of engagement during all testing activities
• Technical Security Assessment: Conduct comprehensive technical security testing of identified NT1 HVA systems
• Vulnerability Analysis: Identify, analyze, and document security vulnerabilities and potential attack vectors
• Results Documentation: Provide detailed penetration test results as appendices to assessment reports
• Technical Collaboration: Work closely with Assessment Lead and Technical Lead to support overall assessment objectives
• Security Tool Utilization: Employ appropriate penetration testing tools and methodologies in accordance with CISA standards
• Risk Assessment Support: Contribute technical findings to overall risk assessments and impact statements