Job Description

Job Description

Break the System to Build a Stronger One
Join BAE Systems, a global leader in defense and aerospace, where your skills in offensive security protect the world's most critical infrastructure. We are looking for a Lead Penetration Tester to join a high-performing, agile team dedicated to identifying, containing, and eradicating the most sophisticated cyber threats. If you have a passion for uncovering vulnerabilities and a drive to secure Enterprise-wide systems, we want you.

Your Mission
You won't just run scans; you will lead the charge in securing a complex technical ecosystem. Your impact will include:

• Advanced Offense: Design and execute comprehensive internal and external penetration tests, including web applications, physical security, and social engineering.
• Strategic Defense: Translate vulnerabilities into actionable mitigation strategies and provide critical incident response support.
• Collaborative Leadership: Partner with developers and system engineers to harden architectures and embed a "security-first" mindset across the program.
• SME Authority: Define and enforce the security policies and standards that safeguard sensitive data against evolving attack vectors.

Ready to make a real-world impact? Apply today and help us secure the future.

#LI-PB2

Required Skills and Education

• Must possess a TS/SCI clearance appropriate polygraph
• Must have experience with penetration testing tools.
• Must have experience in web development and programming languages such as Java, XML, Perl and HTML.

• Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc.
• Must have extensive experience performing IT security risk assessments.
• Must have experience performing web app and physical pentests.
• Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective.
• Must have experience with or strong familiarity of Kali.
• Must have experience with or strong familiarity of IPS/IDS solutions.

• Must have a strong understanding of the Cyber Kill Chain methodology.
• Must have experience applying Risk Management Framework.
• Must have experience with secure configurations of commonly used desktop and server operating systems.
• Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration.
• Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues.

MDOPS

About BAE Systems Intelligence & Security

BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.

Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.

This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified.

Preferred Skills and Education

Preferred Qualifications

• Bachelor's degree in a technical/information assurance field and at least 12 years of relevant experience.

• Certifications in one or more of the following areas strongly preferred:
  • GIAC Web Applications Penetration Tester (GWAPT)
  • GIAC Penetration Tester (GPEN)
  • Certified Ethical Hacker (CEH)
  • Certified Information Security Manager (CISM)
  • Certified Web Application Defender (GWEB)
  • Certified Information System Security Professional (CISSP)
• Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
• Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation.

Job Tags

Shift work

Similar Jobs