CPT Operator (Host/Network)

% Travel:	25%
Duration:	Full-Time Employee
Minimum Clearance:	TS/SCI Poly
Project or Contract Name:	DCRIOS
Location (address):	San Antonio, TX

PDF Files only

Upload Resume

SES is seeking cyber operators with hands-on Intrusion Detection System (IDS) and forensic analyst experience. In support of National Cyber Protection Team (CPT) operations, candidates will serve as Cyber Operators filling either a Cyber Security Network Analyst position or Cyber Security Host Analyst position. The operator will conduct network navigation, tactical forensic analysis, collection of valuable operational data, and when directed, execute operations in support of defensive initiatives. Operators will provide support for persistent monitoring of all designated networks, enclaves, and systems. Candidate may be required to interpret, analyze, and report findings in accordance with computer network directives, including initiating, responding, and reporting discovered events. Candidates may be required to manage and execute first-level responses and address reported or detected incidents. Candidate will participate in project review meetings and provide technical INFOSEC guidance and updates; document policies, procedures, and lessons learned accordingly. Candidates must possess excellent written and verbal communication skills.

• Minimum Bachelor’s degree and 2 years’ experience, Associates degree with 4 years’ experience or 6 years’ equivalent experience without a degree; degrees focused on engineering or applied science. Other degrees with strong computer technology curriculum may be considered
• General knowledge of physical computer components and architectures, including the functions of various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols, security hardware and software.
• Must meet DoD 8570 IAT Level 3 requirements
• Active TS/SCI clearance; National Team positions will require successful Counter Intelligence Polygraph Examination (completed after hire)
• Must complete self-assessment questionnaire, customer pre-screen, skills assessment lab, pass the training and certification program(s) as dictated by the customer, and remain mission ready qualified
• Candidate should be self-motivated with minimal supervision
• Proficiency in writing, editing, executing scripts on Windows, Linux, UNIX systems.

Experience with one or more of the following is required:

• Experience with toolsets such as Wireshark, ELK, Moloch, Metasploit, tcpdump, NMap, Nessus, Snort, Bro, EnCase, Forensic Toolkit, Windows Fundamentals, UNIX fundamentals, exploitation theory, privilege escalation, evidence removal
• Experience with Cyber Threats Detection and Mitigation, Behavioral Malware Analysis
• Experience with, Advanced Network Traffic Analysis, Malicious Network Traffic Analysis
• Have strong UNIX/Linux fundamentals along with familiarity of UNIX/Linux/Windows Command Line Interface (CLI)
• Demonstrated ability to methodically analyze problems and identify potential solutions
• Ability to explain, present, demonstrate (when applicable) and document the operational impact of a particular vulnerability or exploit
• Ability to assist customer with implementing policies and tactics, techniques and procedures for conducting assessments
• Familiarity with NIST, DISA STIGS and experience in conducting DoD vulnerability and compliance assessments
• Possess or be willing to obtain within 6-months of start date if not already possessed - Operating System Certification; Microsoft or Linux
• Experience programming in assembly, compiled, and interpreted languages.
• Experience with encryption and decryption such as PGP, DES, AES, RSA, and PKI.
• Knowledge of distributed systems, process control, advanced routing, wireless, telecom and datacom platforms.
• Experience programming in C, C++, C#, Ruby, Perl, Python, SQL.
• Certifications such as GXPN, GREM CCNA, CCNP, CCIE, GCFA, GNFA, RHCE, CompTIA, LPT, OSCP, GXPN, GREM CEH, Security+, MCP, and SANS GPEN a plus
• Experience working with correlation environment tools (i.e., ArcSight)

Auditor - Infrastructure - Cloud

% Travel:	25%
Duration:	Full-Time Employee
Minimum Clearance:	TS/SCI
Project or Contract Name:	DCRIOS
Location (address):	San Antonio, TX

PDF Files only

Upload Resume

The candidate will be responsible for conducting vulnerability and compliance assessments on network infrastructure and cloud architectures to include, but not limited to scanning these environments to identify active client, server and infrastructure devices such as routers, switches, firewalls, proxy servers, intrusion detection/prevention systems (IDS/IPS), fingerprint applications/operating systems, identify vulnerabilities, analyze results, manually verify findings to eliminate false positives or negatives, capture artifacts such as screen captures, etc., to provide evidence and artifacts for each exploitable vulnerability, etc. Candidate must also be able to adequately “tell the story” of how vulnerability was exploited and what the overall impact would be to particular hosts or networks.

SPECIFIC TASKS:

• Conduct vulnerability and compliance assessments on AF and DoD systems (i.e., Microsoft Windows and UNIX based platforms) and network infrastructure/cloud architectures (i.e., routers, switches, Voice over IP, etc.)
• Demonstrated understanding of Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) and employed/use of virtual private networks (VPNs)
• Collaborate with cyber and security to ensure security controls are embedded into architectures/designs to be assessed
• Create proof-of-concepts to demonstrate feasibility of new ideas/innovations
• Demonstrated ability to read raw network device configuration and be able to identify and describe why a particular setting is erroneous without the assistance of automated tools
• Remain abreast of emerging cloud technologies to provide input and knowledge on trends to support future customer missions/tasks
• Ability to map out a network and identify the location of discovered devices within the network/cloud architecture
• Ability to methodically analyze problems and identify potential solutions
• Ability to adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability or exploit
• Analyze and evaluate network and infrastructure diagrams for potential attack vectors; render sound cyber security remediation recommendations for items identified
• Knowledgeable in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events
• Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments
• Exhibit good written and verbal skills, with an attention to detail and desire to deliver a quality product; additionally, an ability to render concise reports, summaries, and formal oral presentations
• Demonstrate willingness and ability to mentor co-workers an share knowledge with internal customers
• Ability to prioritize conflicting demands to arrange, address and resolve support issues
• Travel up to 25% with trips encompassing 1-4 weeks in duration

MINIMUM REQUIREMENTS:

• Meet DoD 8570 IAT Level 3 requirements (CASP+ CE, CCNP Security, CISA, CISSP, GCED or GCIH) and have an active TS/SCI clearance
• Possess a cloud computing professional certification (AWS Solutions Architect, AWS DevOps Engineer, AWS Advanced Networking, or similar)
• Obtain a CSSP-Auditor (C|EH, CySA+, CISA or GSNA) certification within 6 months of hire
• Willing to obtain a UNIX/Linux certification within 6 months of hire
• Minimum bachelor’s degree and 2 years’ experience, associate degree with 4 years’ experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science
• Expertise with cross-functional requirements and interfaces for hardware, software and communications in a cloud computing environment (AWS, Azure) (5 years)
• Experience in working with and in a network systems security environment with a focus on network administration and security (5 years)
• Demonstrated understanding of virtualization technology and Docker containers (i.e. Hyper-V, VMware, Citrix, and VirtualBox)
• Proficient in review and understanding of JSON and YAML languages
• Demonstrated ability to employ NMAP, its associated options, and interpret results
• Demonstrated ability to apply Nessus/ACAS and SCC to scan environments and interpret the results; firm understanding of how to review, analyze and interpret DISA STIGs
• Interest in research to stay abreast of future direction and trends for cloud technologies
• Self-motivated with minimal supervision
• Must complete customer pre-screen, skills assessment lab, pass customer training and certification program and remain mission ready qualified

PREFERRED REQUIREMENTS IN ADDITION TO THE AFOREMENTIONED:

• Analytical with the ability to understand and implement customer objectives
• Familiarity with NIST, RMF, DISA STIGs and experience in conducting DoD vulnerability and compliance assessments
• Experience or familiarity with military operations highly desirable

PenTester - Reverse Engineering

% Travel:	25%
Duration:	Full-Time Employee
Minimum Clearance:	TS/SCI
Project or Contract Name:	DCRIOS
Location (address):	San Antonio, TX

PDF Files only

Upload Resume

Are you a problem solver? Do you like complex, challenging puzzles? If so, this position just might be just what you're looking for. This position involves a blending of several disciplines to include, but not limited, penetration testing, reverse engineering, and code/script development. A common scenario would be for the customer to provide a software application, operating system or suite of tools, in which the Penetration Tester, adhering to customer goals or objectives, would analyze, evaluate and identify vulnerabilities, zero days and vectors an adversary could potentially use to gain regular and privileged access. As a minimum, this position requires a demonstrated ability to reverse engineer executables to identify flaws and create and operationally test exploits to take advantage of an identified vulnerability or zero days.

SPECIFIC TASKS:

• Possess strong understanding of UNIX/LINUX fundamentals along with familiarity of the UNIX/LINUX/Windows CLI.
• Analyze, disassemble, and reverse engineer code/executables to discern weaknesses for exploit development; document and transition results in reports, presentations and technical exchanges.
• Demonstrate an ability to methodically analyze problems, identify solutions and remain composed in potentially stressful situations.
• Adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability.
• Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments.
• Possess an understanding of Microsoft Office Suite.
• Exhibit good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations.
• Understand and be proficient in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events.
• Travel up to 25% supporting customer assessments up to 1-4 weeks in duration.

MINIMUM REQUIREMENTS:

• Must meet DoD 8570 IAT Level 3 requirements (CASP, CISSP+, CISA, etc.) and have an active TS/SCI clearance
• Possess a penetration tester certification (i.e., GPEN, GXPN, GWAPT, etc.) and reverse engineering certification (i.e., GREM, CREA, eCREA, etc.)
• Must possess a CSSP-Auditor (C|EH, CySA, CISA, GSNA) certification within 6 months of hire
• Willing to obtain a Windows or UNIX/Linux certification within 6 months of hire
• Minimum bachelor’s degree and 2 years’ experience.
• Associates degree with 4 years’ experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science.
• Hands on experience with penetration testing and reverse engineering.
• Experience in working with and in a network systems security environment with a focus on security and information assurance (5 years).
• Must have thorough knowledge of common network ports and protocols.
• Strong knowledge of Windows® Internals, Windows® Application Programming Interfaces (API), Portable Executable (PE) formats, Windows® Registry, and security models.
• ADVANCED experience with Bash and Power Shell.
• ADVANCED experience in one of the following scripting languages: Perl, Python or Ruby is required.
• Strong knowledge of the following programming languages: Assembly, Java, C#, C, C++ and SQL.
• Work experience with developing proof-of-concept exploit examples to use within reports or live demonstrations
• Must complete self-assessment questionnaire, customer pre-screen, skills assessment lab, pass the customer’s training and certification program and remain mission ready qualified.
• Candidate should be self-motivated with minimal supervision.

PREFERRED REQUIREMENTS IN ADDITION TO THE AFOREMENTIONED:

• Analytical with the ability to understand and implement customer objectives.
• Familiarity with NIST, DISA STIGs and experience in conducting DOD vulnerability and compliance assessments.
• Experience or Familiarity with Military operations highly desirable.

Auditor - Infrastructure - Virtualization

% Travel:	25%
Duration:	Full-Time Employee
Minimum Clearance:	TS/SCI
Project or Contract Name:	DCRIOS
Location (address):	San Antonio, TX

PDF Files only

Upload Resume

SES is hiring for a fantastic role in Cyber Protection as an Infrastructure/Virtualization Assessor in San Antonio, TX . Please review the qualifications and let us know if you're interested today!

The candidate will be responsible for conducting vulnerability and compliance assessments on virtualized architectures to include, but not limited to reviewing network/system documentation to identify cybersecurity design flaws, scanning network(s to identify live hosts and ports, protocols and services, fingerprinting applications/operating systems, detect vulnerabilities, analyze results, verify findings manually, to eliminate false positives or negatives, capture artifacts such as screen captures, etc., to provide evidence and artifacts for each exploitable vulnerability, etc. Candidate must also be able to adequately “tell the story” of how a vulnerability was exploited and what the overall impact would be to particular hosts or networks.

SPECIFIC TASKS:

• Demonstrate extensive VMware Virtualization experience - design, implement, manage and secure a VMware environment, including data center cluster(s) managed by vCenter
• Perform analysis and evaluate virtualized environments to identify vulnerabilities, evaluate DoD/NIST compliance, determine applicability of industry best practices and recommend remediation actions to enhance its cyber security posture
• Assess and leverage knowledge of industry best practices, benchmark data and published security standards to support implementation of virtual environments
• Assess cybersecurity impacts for proposed changes and assess conformance and compliance with cybersecurity requirements for new release capabilities
• Perform security assessments of the systems in the fielded environments to assess the security posture of the systems and technical compliance with the requirements, to include validating security relevant configurations of the systems
• Identify relevant virtualization-related threat information through research/analysis
• Have strong UNIX/LINUX fundamentals along with familiarity of UNIX/LINUX/Windows Command Line Interface (CLI); strong skill set in PowerCLI, PowerShell and bash
• Provide primary technical, maintenance and cyber security support for UNIX/LINUX/ Windows, Virtualization Technologies, Intel hardware and software
• Demonstrate superb organizational, interpersonal, written and verbal communication
• Demonstrate an ability to successfully execute many complex tasks simultaneously
• Demonstrate an ability to make accurate and independent decisions under pressure
• Adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability or exploit
• Methodically analyze problems, troubleshoot servers and infrastructure equipment and identify potential solutions
• Demonstrate understanding of common cyber threat terminology, methodologies, and possess basic understanding of cyber incident and response, and related current events
• Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments
• Demonstrate an ability work as a team member as well as independently
• Travel up to 25% with trips encompassing 1-4 weeks in duration

MINIMUM REQUIREMENTS:

• Must meet DoD 8570 IAT Level 3 requirements (CASP, CISSP+, CISA, etc.) and have an active TS/SCI clearance
• Must possess a CSSP-Auditor (C|EH, CySA, CISA, GSNA) certification within 6 months of hire
• Must obtain a MCSA and UNIX/Linux certification within 6 months of hire
• Must possess or be to obtain a VCP6 Data Center, Cloud or Network Virtualization certificate within 6 months upon arrival to the customer site
• Minimum Bachelor’s degree and 2 years’ experience, Associates degree with 4 years’ experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science; experience with developing, implementing, integrating, maintaining and evaluating security engineering and security for IT enterprise architectures.
• Experience with Hyper-V, VirtualBox, vSphere, VMware virtual switching, vMotion, HA, vRA, vROPS and the vRealize Suite along with VMware NSX (5 years)
• Database Administration Skills (MS SQL and Linux SQL preferred) (5 years)
• Must complete customer pre-screen, skills assessment lab, pass customer training and certification program and remain mission ready qualified
• Self-motivated with minimal supervision

PREFERRED REQUIREMENTS IN ADDITION TO THE AFOREMENTIONED:

• Analytical with the ability to understand and implement customer objectives
• Familiarity with NIST, RMF, DISA STIGs and experience in conducting DoD vulnerability and compliance assessments

Auditor - Infrastructure - Boundary

% Travel:	25%
Duration:	Full-Time Employee
Minimum Clearance:	TS/SCI
Project or Contract Name:	DCRIOS
Location (address):	San Antonio, TX

PDF Files only

Upload Resume

SES is hiring for an exciting career in Cyber Protection as an Infrastructure/Boundary Assessor in San Antonio, TX . Please review the qualifications and lets start your new career!

The candidate will be responsible for conducting vulnerability and compliance inspections to include, but not limited to scanning network(s) to identify active client, server and infrastructure devices such as routers, switches, firewalls, proxy servers, intrusion detection/prevention systems (IDS/IPS), fingerprint applications/operating systems, identify vulnerabilities, analyze results, manually verify findings to eliminate false positives or negatives, capture artifacts such as screen captures, etc., to provide evidence and artifacts for each exploitable vulnerability, etc. Candidate must also be able to adequately “tell the story” of how vulnerability was exploited and what the overall impact would be to particular hosts or networks.

SPECIFIC TASKS:

• Conduct vulnerability and compliance assessments on AF and DoD systems (i.e., Microsoft Windows and UNIX based platforms) and infrastructure devices (i.e., routers, switches, Voice over IP, etc.)
• Demonstrated ability to read raw network device configuration and be able to identify and describe why a particular setting is erroneous without the assistance of automated tools
• Ability to map out a network and identify the location of discovered devices within the network
• Ability to methodically analyze problems and identify potential solutions
• Ability to adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability or exploit
• Analyze and evaluate network and infrastructure diagrams for potential attack vectors; render sound cyber security remediation recommendations for items identified
• Knowledgeable in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events
• Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments
• Exhibit good written and verbal skills, with an attention to detail and desire to deliver a quality product; additionally, an ability to render concise reports, summaries, and formal oral presentations
• Travel up to 25% with trips encompassing 1-4 weeks in duration

MINIMUM REQUIREMENTS:

• Must meet DoD 8570 IAT Level 3 requirements (CASP, CISSP+, CISA, etc.) and have an active TS/SCI clearance
• Must possess a CSSP-Auditor (C|EH, CySA, CISA, GSNA) certification within 6 months of hire
• Must obtain MCSA, UNIX/Linux and CCNA certifications within 6 months of hire
• Minimum Bachelor’s degree and 2 years’ experience, Associates degree with 4 years’ experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science
• System administrator experience (Windows, UNIX) (5 years)
• Experience in working with and in a network systems security environment with a focus on network administration and security (5 years)
• Must complete customer pre-screen, skills assessment lab, pass customer training and certification program and remain mission ready qualified
• Self-motivated with minimal supervision

PREFERRED REQUIREMENTS IN ADDITION TO THE AFOREMENTIONED:

• Analytical with the ability to understand and implement customer objectives
• Familiarity with NIST, RMF, DISA STIGs and experience in conducting DoD vulnerability and compliance assessments
• Experience or familiarity with military operations highly desirable