Cyber Threat Auditor

Overview

SOS International LLC (SOSi) is seeking a Cyber Threat Auditor / Penetration Tester to support our customer in Weisbaden Germany. The Penetration tester will conduct active penetration tests against US Army targets to assess the potential of compromise by malicious actors, vet tools for use in the program, prepares assessments and cyber threat reports of current vulnerabilities leveraged into exploitation and, conduct purple team events to improve the posture of cyber threat detection, awareness, and reporting.

**Responsibilities**:

- Utilize offensive toolsets such as Metaspolit and Kali Linux to safely analyze and penetration test production networks and systems, documenting steps and procedures to produce usable vulnerability assessments for the customer
- Identify and investigate vulnerabilities, asses exploit potential, and document findings and remedies for presentation to facilitate mitigations on customer systems
- Perform planning, execution, and documentation of penetration testing missions in accordance with Red Team methodologies
- Travel to customer sites to perform network security evaluations, penetration tests, and brief customers on findings
- Perform open-source intelligence gathering to prepare for missions
- Write reports of vulnerabilities to increase customer situational awareness and improve the customer’s cyber security posture
- Assist all sections of the Defensive Cyber Operations team as required in performing Analysis, System Administration, and other duties as assigned
- Contribute to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations
- Write reports of remotely exploitable vulnerabilities to increase customer situational awareness and improve the customer’s cyber security posture
- Prepare and present technical reports and briefings

**Qualifications**:

- An active in scope Top Secret/SCI clearance is required
- Bachelor of Science/Arts (Engineering or Computer Science or Science or Business Administration or Mathematics) +3, AS +7, major certification +7 or 11+ years specialized experience
- DoD 8570 IAT-II certification (CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, or SSCP) or higher is required
- DoD 8570 CSSP Auditor certification (CEH, GCIH, GCFA, CySA+, or SCYBER) is required
- Must have an in-depth understanding of Defensive Cyber Operations
- Must possess an in-depth understanding of penetration testing methodology, including recon, exploit, persistence, etc.
- Must have a solid understanding of networking protocols, their uses, and their potential misuses
- Programming experience in one or more languages, experience in HTLM/CSS or SQL
- Must be able to obtain certification as a Technical Expert by the German Government under the Technical Expert Status Accreditation (TESA) process

Preferred Qualifications
- Bachelor’s degree in engineering, Computer Science, or Mathematics
- DoD 8570 IAT-III certification (CISSP, CASP, CISA, GCIH)
- Fluency in one or more programming language (e.g., Python, C#, Golang)
- In-depth understanding of physical penetration testing or PACS
- Demonstrated ability to produce written deliverables and brief senior leadership

Working Conditions
- Normal office conditions
- Potential to work on multiple shifts in a rotation schedule covering a 24/7/365 mission
- On site in Wiesbaden, Germany

SOSi is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. SOSi takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.