RPI Group, Inc. is seeking a Sr. Red Team Penetration Tester to join our team in Dam Neck, VA. This position plays a key role in advancing offensive cybersecurity operations by performing in-depth penetration testing or Red Teaming activities in alignment with DoD requirements. The ideal candidate will have a solid foundation in penetration testing and Red Teaming practices with proven experience exploiting common Operating Systems across DoD networks.

QUALIFICATIONS AND EDUCATION REQUIREMENTS:

• Minimum of Seven (10) years of full-time experience conducting penetration testing or offensive Cyber operations.
• Bachelor of Science in Information Systems, Information Technology, Computer Science, or Computer Engineering.
• Active Top Secret/Sensitive Compartmented Information (TS/SCI) security clearance and successfully pass a background investigation.
• Offensive Security Certified Professional (OSCP), or Offensive Security Certified Expert (OSCE), or Offensive Security Exploitation Expert (OSEE), or Offensive Security Wireless Professional (OSWP) certification
• Must meet DoD 8570.01-M requirements (IAW) DFARS 252.239-7001 Baseline Certification, minimum IAT Level II
  At RPI Group, Inc., we value our employees. If you’re passionate about cybersecurity and want to contribute to critical missions, we encourage you to apply and become part of the RPI family!
  EOE Disability/Vets
  OEqUQ0H6z

The Red Team Penetration Tester should be able to demonstrate the following knowledge and/or experience:

• Experience in exploit development and utilizing penetration tools such as Metasploit, NMAP, Kali Linux, Cobalt Strike to mimic threat behavior.
• Experience exploiting common vulnerabilities and misconfigurations associated with common Operating Systems (Windows, Linux, Mac OS, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.).
• Experience planning and executing Red Team, Penetration Testing, and or Capture the Flag events.
• Knowledge and experience with compliance/vulnerability/risk analysis tools (e.g. Tenable/Nessus, Nmap, ACAS).
• Experience developing and utilizing testing methodologies for threat emulation and vulnerability validation.
• Experience discovering in depth vulnerabilities and usable exploitations in a system and/or organization.
• Experience developing concepts and matrixes to support Red Team operations and exercises.
• Knowledge and experience utilizing Microsoft Active Directory.
• Experience identifying gaps in tools and development techniques.
• Knowledge and experience performing development with scripting and programing languages (examples include python, C++, Java, Rust, Assembly, etc.)

The Red Team Penetration Tester should be able to demonstrate the following knowledge and/or experience:

• Experience in exploit development and utilizing penetration tools such as Metasploit, NMAP, Kali Linux, Cobalt Strike to mimic threat behavior.
• Experience exploiting common vulnerabilities and misconfigurations associated with common Operating Systems (Windows, Linux, Mac OS, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.).
• Experience planning and executing Red Team, Penetration Testing, and or Capture the Flag events.
• Knowledge and experience with compliance/vulnerability/risk analysis tools (e.g. Tenable/Nessus, Nmap, ACAS).
• Experience developing and utilizing testing methodologies for threat emulation and vulnerability validation.
• Experience discovering in depth vulnerabilities and usable exploitations in a system and/or organization.
• Experience developing concepts and matrixes to support Red Team operations and exercises.
• Knowledge and experience utilizing Microsoft Active Directory.
• Experience identifying gaps in tools and development techniques.
• Knowledge and experience performing development with scripting and programing languages (examples include python, C++, Java, Rust, Assembly, etc.).