The DoD is looking to test and evaluate systems through a Whitebox adversarial approach in support of Air Force clients, with a focus on the filtering capabilities and low-level data flows within the architecture of the system.
Requirements
- Knowledge of networking concepts, including the OSI model
- Knowledge of virtualization
- Knowledge of Linux distributions, including basic administration and configuration
- Experience with programming in C, C++, Bash, Python, or Java
- Experience with penetration testing or adversarial emulation
- Knowledge of vulnerability assessment tools, including Kali Linux, Wireshark, Tripwire, Burp Suite, and Metasploit
- Knowledge of current cyber threats and how to appropriately harden a system to prevent them
Responsibilities
- Test and evaluate systems through a Whitebox adversarial approach
- Work with systems that are assessed based on the NIST 800-53 Risk Management Framework (RMF) and Raise the Bar (RTB) security control requirements
- Focus on the filtering capabilities and low-level data flows within the architecture of the system
- Build capabilities by learning from the expertise of others within a skilled team
- Collaborate with a team of creative problem-solvers
- Evaluate systems based on Mandatory Access Controls (MAC) and Discretionary Access Controls (DAC)
- Assess systems based on the NIST 800-53 Risk Management Framework (RMF) and Raise the Bar (RTB) security control requirements
Other
- Ability to obtain a Secret clearance
- Scheduled to obtain a Bachelor's degree by Summer 2028
- Must be on camera during interviews and assessments
- Must be willing to work in a hybrid or onsite environment
- Must be willing to periodically work from a Booz Allen or client site facility
