About Peraton
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.
Responsibilities
Peraton is seeking a Cloud Penetration Tester. This role will support the improvement of cybersecurity analytics by conducting cloud adversarial emulation testing on the Department of Veterans Affairs (VA) Enterprise Cloud (VAEC) systems. The ideal candidate will have a strong background in penetration testing, particularly in cloud environments, and experience with purple-teaming activities.
Day of week: Monday - Friday during normal business hours (EST)
Work Location: 100% Remote
Duties
In this role, a typical day will include:
- Conduct cloud adversarial emulation testing and assessments on VAEC resources.
- Perform purple-team activities to identify and exploit vulnerabilities, ensuring they are remediated in a correct and timely manner.
- Provide a weekly report detailing the number of planned tests, tests completed, and the outcomes of each test.
- Support 3rd party purple team Cybersecurity Infrastructure Security Agency (CISA) assessments on VAEC resources.
- Collaborate with cybersecurity engineers, analysts, and other stakeholders to ensure alignment and effective communication of findings.
- Stay current with the latest cloud security trends, tools, and best practices to ensure the effectiveness of penetration testing activities.
- Document and report vulnerabilities and provide recommendations for remediation to enhance the security posture of VAEC systems.
- Support to baseline, track, and report audit effort to track the fully updated Inventory of Cloud systems and assets with corresponding system owners. Collect and track Metrics and Objectives & Key Results (OKRs) for cloud compliance with regard to security capabilities.
- Support a Cloud Incident Response Plan (IRP) Preparedness/Tabletop Exercise Plan with identified gaps in people, processes, and technologies.
- Support Cloud Vulnerability Scanning Services to include cloud system auditing, continuous vulnerability scanning of the systems is required to provide vulnerability scanning services support to identify all vulnerabilities.
- Provide Cloud Adversarial Emulation Testing/Assessment to ensure that found vulnerabilities are remediated in a correct and timely manner. Support cloud purple-teaming on the resources identified during the planning phase with testing and assessments conducted with a priority of External resources. Support weekly Cloud Adversarial Emulation Testing/Assessment Report that provides the number of planned tests, tests completed, and the details and outcomes of each test.
- Support review of the Cloud systems toolset configurations to ensure security standards and VA policy are being met.
- Provide Cloud Cyber Monitoring and Incident Response to ensure ability to monitor for and respond to cybersecurity incidents affecting VAEC resources and the CSOC has the correct cloud detections and the resources to monitor those detections on 24/7/365 basis.
- Provide support with VA CSOC's role in the development of the VA cybersecurity risk register to identify areas that would be most impacted by a cybersecurity incident.
Qualifications
Required Qualifications:
- 2 years experience with BA/BS, 0 years with MA/MS, 6 years with no degree
- Ability to obtain Public Trust
- Must be a U.S citizen
- Must be able to successfully undergo a Veterans Affairs High Security Investigation (VA BI)
- Experience in penetration testing, particularly in cloud (AWS, Azure, Microsoft 365, etc.) environments.
- Proven experience in adversarial emulation testing and purple-teaming activities.
- Strong understanding of cybersecurity principles, particularly in cloud environments.
- Proficiency in using penetration testing tools and technologies.
- Excellent organizational skills and attention to detail, with the ability to manage multiple tasks simultaneously.
- Exceptional written and verbal communication skills
- Exceptional analytical and conceptual thinking skills
- Strong people skills and ability to work collaboratively with a team of peers
Preferred Qualifications:
- Certification in penetration testing or ethical hacking (e.g., OSCP, CEH) is a plus.
Benefits:
At Peraton, our benefits are designed to help keep you at your best, beyond the work you do with us daily. We are fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.
Target Salary Range
$86,000 - $138,000. This represents the typical salary range for this position based on experience and other factors.
SCA / Union / Intern Rate or Range
EEO
An Equal Opportunity Employer including Disability/Veteran.
Our Values
Benefits
At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily. We're fully committed to the growth of our employees. From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.
- Paid Time-Off and Holidays
- Retirement
- Life & Disability Insurance
- Career Development
- Tuition Assistance and Student Loan Financing
- Paid Parental Leave
- Additional Benefits
- Medical, Dental, & Vision Care