IIT Inc. Home

IIT Jobs Data Bank-Job Detail

Submit Resume For This Job (via email)
Follow us on LinkedIn or Twitter or Facebook
Follow us on Facebook Follow us on LinkedIn
ID Location Skills $$ Job Type Status
13986 Downtown Manhattan, NY 10004 IT Security Engineer: Penetration Testing, Physical security DOE Contract OPEN
If you are unable to click on links above to submit resume, you may email your resume to
1192-MH2857@apply.maxhire.net    

Subject=IIT Career Site/Resume for JobID=13986 (IT Security Engineer: Penetration Testing, Physical security) in Downtown Manhattan NY 10004 (SAN)

Estimated Length:12 months 37.5 hrs

Requirements

BACKGROUND

The ICS Security Group is seeking a penetration testing specialist to support multiple projects focused on technical Risk Assessments, Vulnerability Analysis, and Proof of Concept Exploitation and Vulnerability Validation within the Operational Technology environment, Industrial Control Systems, and Critical Infrastructure Systems.

The candidate should have a general background in Operational Technology, Industrial Control Systems, or SCADA environments. The ideal candidate should be a subject matter expert in one or more of the following areas:

  • Security Assessments of OT environments
  • Penetration Testing, Vulnerability Analysis, or Security Research in OT environments or ICS devices
  • Security Engineering of OT environments
  • Systems, Network, or Device Administration or Engineering of ICS devices or environments


RESPONSIBILITIES

  • Perform internal and external vulnerability assessment and penetration testing of network infrastructure and applications
  • Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
  • Perform network reconnaissance, OSINT, social engineering, and physical security reviews
  • Demonstrate advanced understanding of business processes, internal control risk management, IT/OT controls and related standards
  • Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
  • Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Learn the client business environment and its risk management approaches


CONSULTANT QUALIFICATION HIGHLIGHTS & CONSIDERATIONS

  • 10+ Years of Experience in Information Security, Operational Security and/or Related Field
  • 5+ Years of Experience in Red Team operations, Penetration Testing, and/or Vulnerability Assessments
  • Scripting experience in at least one programming language (e.g. Python, PowerShell, Bash)
  • Knowledge of Operational Technologies/Industrial Controls Systems (HMI, PLC/RTU, SCADA, DCS)
  • Knowledge of Active Directory concepts, Windows internals
  • Knowledge of *nix systems


CONSULTANT ADVANCED QUALIFICATION HIGHLIGHTS & CONSIDERATIONS

  • Purple Team engagements, assessments, and cooperations
  • Physical security assessment experience (lock picking, security system bypass, etc.)
  • Database experience (Oracle, MSSQL, MySQL, MongoDB)
  • Application fuzzing experience (WSFuzzer, SPIKE, Sulley, etc)
  • Reverse engineering experience/knowledge, data obfuscators, or ciphers
  • IT Systems & Networking, Mobile, Web Application assessments
  • Developing, extending, or modifying exploits, shellcode or exploit tools


CONSULTANT EDUCATION/CERTIFICATION CONSIDERATIONS

  • Undergraduate degree in Computer Science, Engineering, or related field
  • Penetration Testing Certifications (eg Pentest+, GPEN, GXPN, CEH, LPT, OSCP, or OSCE)
  • Industrial Control System Certifications (eg GICSP, GRID, GCIP)
  • ICS Vendor Specific Certifications
  • ICS / OT Courseware

 

 

 
Submit Resume For This Job (via email)
 
Don't See a Position Matching Your Skills?
Click here to Email / Register your resume and be notified of future job openings.
 
About IIT:

Founded in 1995, IIT is a leading provider of Workforce Solutions to Government and Fortune-1000 organizations. IIT is a winner of Inc-500 award. IIT's core services include:

  • Consulting for projects / IT Outsourcing
  • IT staffing (Contract / Temporary / Contingent / Consulting)
  • Custom Workforce Solutions
  • Recruitment Process Outsourcing (RPO)
  • Headquartered in New York, IIT has over 400 consultants deployed at Client Sites. Other IIT highlights include

  • Winner of Inc-500 award 2 consecutive years
  • Winner of Ernst & Young / USPAACC Fast-50 award 2 consecutive years
  • Winner of USPAACC Top-10 Award in the Northeast US
  • IBM Business Partner
  • Oracle Business Partner
  • Adobe Business Partner
  • NYSA Member - New York Staffing Association - Regional Affiliate of ASA / American Staffing Association
  • NYS MBE certified
  • Our Consultants love working for IIT

  • Competitive compensation
  • W2 or C2C
  • Biweekly Direct Deposit for W2 Consultants
  • Visa and Green Card sponsorship opportunities for qualified individuals
  • Local contact for you to meet and talk to anytime (not someone sitting overseas in a different time zone)
  • Follow us on LinkedIn or Twitter or Facebook

    IIT is an Equal Opportunity Employer