Position Title

Vulnerability Assessment Analyst and Penetration Tester (Contingent)

Work Location

Camp Pendleton, CA 

Position Description

The Vulnerability Assessment Analyst and Penetration Tester is responsible for the delivery of continuous cyber assessments, solving complex technology problems, building tools, and identifying and influencing response to and mitigation of threats.  Perform manual assessment of systems, services, and software; specializing in security issues beyond those identified by static analysis tools.  The individual ensures services, applications, and websites are designed and implemented to the highest security standards.  Responsible for application and hardware penetration testing, automating repetitive tasks using various scripting languages, mentoring, and leading other engineers to deliver complex penetration tests and vulnerability assessments.  The individual will be expected to drive automation, tooling, efficiency, and advance the teams penetration testing capabilities.  Responsible for creating threat mitigation plans.

Minimum Position Requirements:

• Five years of hands-on penetration testing experience with operating systems, web applications, and network infrastructure.
• Administrator-level knowledge of Windows and Linux Server operating systems.
• Experience with operating system security.
• Competent with testing frameworks and tools, such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire.
• Knowledge of the functionality and capabilities of computer network defense technologies, including router Access Control Lists (ACLs), firewalls, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), antivirus/Endpoint Detection and Response (EDR), and web content filtering.
• Strong written and verbal communication skills, including the ability to explain complex technical topics to non-technical audiences.
• Possess one of the following certifications upon onboarding:
  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Web Assessor (OSWA)
  • GIAC Web Application Penetration Tester (GWAPT)
  • GIAC Penetration Tester (GPEN)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • Offsec Experienced Penetration Tester (OSEP)
  • Offsec Web Expert (OSWE)

Obtain one of the following certifications within 9 months of onboarding: 

• o GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
• o Offsec Experienced Penetration Tester (OSEP)
• o Offsec Web Expert (OSWE)

Reports To

Assigned Program Manager

Security Clearance Requirements

Secret 

Travel Requirements

Travel is anticipated to be 10% - 15% within the Continental United States and 5%-10% outside the Continental United States 

Benefits & Compensation

• New employees are eligible to participate in the company’s benefits plan on their day of hire unless
• Medical Insurance
• Vision & Dental Insurance
• Long Term & Short-Term Disability, Group Life and AD&D Insurance – 100% Employer Paid
• Flexible Spending Plan
• Health Savings Account
• 401(k) Savings Plan – 100% match for the first 3% contributed plus 50% of the next 2% contributed. (no vesting period and eligibility is your date of hire).
• Paid holidays – Eleven (11) per year
• Paid Time Off - One hundred-twenty (120) accrued hours per year
• Professional Development Program
• Salary will be determined based on the individual’s education and experience level noted otherwise. 

Overview

Lumbee Holdings is a leading provider of IT Support, Cybersecurity and Training and Development to the Department of Defense (DoD) and other government agencies. We are seeking a dynamic and experienced Business Development Manager to drive growth and expand our presence in the defense sector. 

Equal Employment Opportunity Policy Statement

It is the policy of Lumbee Tribe Holdings, Inc. and its subsidiaries (the “Company”) not to discriminate against any employee or applicant for employment because of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees in California) or because he or she is a protected veteran. It is also the policy of the Company to take affirmative action to employ and to advance in employment, all persons regardless of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees in California) or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.

Employees and applicants of the Company will not be subject to harassment on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees of California) or because he or she is a protected veteran. Additionally, retaliation, including intimidation, threats, or coercion, because an employee or applicant has objected to discrimination, engaged or may engage in filing a complaint, assisted in a review, investigation, or hearing or have otherwise sought to obtain their legal rights under any Federal, State, or local EEO law is prohibited. 

NOTE: These statements are intended to describe the general nature and level of work involved for this job. It is not an exhaustive list of all responsibilities, duties, and skills required of this job.