Senior Cyber Vulnerability and Penetration Tester in Nellis Air Force Base, NV at DCS

Date Posted: 3/18/2023

Job Snapshot

Job Description

Provide AFOTEC with cyber Subject Matter Expertise (SME) support in the stand-up of the Vulnerability Analysis Team (VAT), training of team members; and the execution of cybersecurity operational test and evaluation (OT&E) events. SME(s) will execute continuous cyber vulnerability and penetration events in a “hands-on keyboard” manner.

Det 6 Cybersecurity Test Team efforts are in direct support of OT&E operations. This position addresses the cybersecurity analysis efforts required to accomplish vulnerability and penetration test and assessment on the various Weapon Systems to include the Air Vehicle and supporting information systems (maintenance, logistic, mission planning, training and reprogramming systems). Analysis will include execution and reporting sub-tasks.

Essential Job Functions

Provide Advisory and Assistance Services (A&AS) to the Det 6 Cybersecurity Vulnerability Assessment Team with standing up a native capability to assess the cybersecurity of Systems Under Test (SUT). Activities include assisting AFOTEC personnel in instantiating a cyber-test capability, training AFOTEC personnel in cybersecurity testing, and assisting in the “hands-on-keyboard” execution of vulnerability and penetration testing. Special qualifications for specific role(s) are further discussed below

Member will be responsible for assisting in the stand-up of the Vulnerability Analysis Team, training team members, executing vulnerability and penetration events with the team. There will not be significant work in scheduling or reporting. This position will be a “hands-on-keyboard” cyber SME who will spend a majority of their time conducting test or training personnel.

Sub-Task 001: Cybersecurity Vulnerability Analysis Execution

  • Execution

    • Execute cybersecurity assessments of AFOTEC SUTs.
    • Utilize cyber toolsets, and equipment to evaluate the cybersecurity of AFOTEC SUTs
    • Provide SME support to other members of the AFOTEC VAT.

  • Reporting

    • Provide technical inputs to test report author(s)

  • Deliverables during Sub-Task 001

    • Execution of Vulnerability Analysis Assessments
    • Provide notes and artifacts to report author(s)

    Sub-Task 002: Develop competent test team members

  • Development of Training Curriculum

    • Assist in the development of the training curriculum required to establish initial and ongoing competency of an AFOTEC VAT.

  • Execute Training of AFOTEC Personnel in Vulnerability and Penetration Testing

    • Execute in-house training to cover said competency’s (with occasional external training as necessary)

  • Deliverables during Sub-Task 002

    • Update and modify training curriculum
    • Provide training materials
    • Hands-on training with AFOTEC Det 6 VAT

    Sub-Task 003: Assist in Instantiation and continuous modernization of VAT

  • Identify Required Skills

    • Work with team members to identify the skills needed to establish a capable VAT
    • Identify training to establish the required vulnerability and penetration skills
    • Determine how to accomplish training in-house, as applicable.

  • Identify Required Equipment

    • Determine types of equipment needed to conduct analysis
    • Identify software and toolsets to assist the team in test execution, as needed

  • Establish Procedures

    • Formalize procedures and battle rhythm for VAT into a Concept of Operations (CONOPS), and eventually a Concept of Employment (CONEMP)

  • Demonstrate Initial Capability

    • Follow a “crawl, walk, run” approach with VAT and demonstrate an initial capability to execute cyber vulnerability and penetration analysis on a SUT.

  • Deliverables During Sub-Task 003

    • Establish initial training curriculum
    • Generation of TTPs and procedures for VAT
    • Identification of needed equipment
    • Initial demonstration of test capability
    • Published CONOPS for VAT

    Required Skills:

    Due to the sensitivity of customer related requirements, U.S. Citizenship is required.  

    A High School Diploma plus 16 years of experience, an Associate degree plus 10 or a Bachelor's degree plus 8 years of relevant experience.

    Active Top Secret security clearance. The TS security clearance must have been completed within the past 5 years. 

    Required to obtain and maintain a Top Secret clearance with access to SCI and SAPs. 

    Well qualified candidates will have significant experience and competency in conducting/activities associated with cyber vulnerability and penetration testing. Experience on a Cyber Red or Blue Team as a penetration tester is highly desired.  

    Other preferred qualifications are developmental or operational test and evaluation experience. 

    Candidate should have a clear understanding and capability in vulnerability penetration testing methodologies, tools deployment and use, and execution. In addition, the candidate must have the ability to apply programming language structures (e.g., source code review) and logic. Candidates must be eligible to receive government information systems administrative credentials. 

  • Job Requirements


    ChooseYour Path