MISI is seeking a Lead Offensive Engineer (Computer Network Operations-CNO) onsite in our Columbia, MD location to join a dynamic technical team. The candidate we seek should be experienced in Critical Infrastructure and Industrial Control Systems. Ideally, you will have 10 years of experience and be OSCP, OSCE, Network+, Security+, and CEH and/or CISSP certified.
We are looking for a skilled and experienced Offensive Engineer (CNO Engineer) to join our cybersecurity team. As an Offensive Engineer, you will play a critical role in identifying and exploiting vulnerabilities within systems and networks to assess their security posture. This is a challenging and rewarding position that requires strong technical expertise, problem-solving skills, and a deep understanding of offensive security techniques.
The candidate selected will be joining an organization that is dynamic, diverse and welcomes creative thought and ambition. The candidate will also be supported by best-in-class peers in design, engineering, testing, and development who are all working on the same mission, in an environment where the team member can thrive.
- Conduct offensive security assessments and penetration testing activities to identify vulnerabilities and weaknesses in systems, networks, and applications.
- Develop and execute advanced attack scenarios and techniques to exploit vulnerabilities (vulnerability research) and demonstrate the impact of potential security breaches.
- Collaborate with cross-functional teams to design and implement customized exploits and payloads for targeted systems.
- Conduct in-depth analysis of security vulnerabilities and provide detailed reports and recommendations to stakeholders, including management and technical teams.
- Stay up to date with the latest offensive security techniques, tools, and trends to continuously enhance knowledge and skills.
- Assist in the development and improvement of offensive security methodologies, processes, and tools.
- Develop and participate in red team exercises and other simulated attack scenarios.
- Collaborate with defensive security teams to provide insights and recommendations based on offensive assessments to strengthen security controls and defenses.
- Conduct research and development activities to explore emerging threats, zero-day vulnerabilities, and new exploitation techniques.
- Mentor staff within selected technology area and review the work of others.
- U.S. Citizenship
- BS in Computer Science, Computer Engineering, or related field
Must have 10 years of experience in the following:
- Research and development of offensive security tools and techniques, including Vulnerability Assessment, Penetration Testing, Exploit Development, Security Assessments (forensic and security tools), Incident Response.
- Practice leadership and industrial control system cybersecurity guidance for SCADA, PLC’s, and Operational Technology (OT) components utilizing protocols such as BACnet, TCP/IP and others.
- Common Offensive security tools and frameworks such as Metasploit, Burp Suite, Kali Linux, and other related tools.
- Proficiency in programming and scripting languages such as Python, Ruby, PowerShell, and/or Bash.
- Familiarity with network protocols, systems architecture, and common security vulnerabilities.
- Understanding of common security frameworks and standards, such as OWASP, NIST, and MITRE ATT&CK.
- RF Technologies.
- Containerization technology including LXC and Docker.
- Automation, Infrastructure as Code, Cloud Engineering.
- Virtualization platforms such as VMware, ESXi, Hyper-V, Xen, KVM.
- Excellent written and verbal communication skills with the ability to effectively convey complex technical concepts to both technical and nontechnical stakeholders.
- Excellent analytical and problem-solving skills, with the ability to think creatively and strategically to identify and exploit security weaknesses.
- Must be reliable, with excellent work ethic, professional, self-motivated, and enthusiastic.
- Master’s degree in computer science, or equivalent field
- Active DoD Secret Security Clearance with the ability to obtain TS/SCI
- OSCP, OSCE, Network+, Security+, CEH and/or CISSP certified.
- Ability to exert light physical effort including walking.
- Primarily sedentary, office/computer work
- Ability to sit at a computer for long periods of time.
- May require lifting, carrying, pushing and/or pulling of objects, computer equipment and supplies of light to moderate weight (10-50lbs) at times.
Salary Range: $175k to $200k
MISI provides a variety of benefits including medical, dental and vision insurance coverage, life and disability insurance, a generous 401K retirement savings plan, and a discretionary time off policy.
MISI is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
Job Type: Full-time
Pay: $175,000.00 – $200,000.00 per year
- Dental insurance
- Employee assistance program
- Health insurance
- Life insurance
- Paid time off
- Professional development assistance
- Referral program
- Tuition reimbursement
- Vision insurance
- 8 hour shift
- Monday to Friday
Ability to commute/relocate:
- Columbia, MD 21046: Reliably commute or planning to relocate before starting work (Required)
- You must be a US citizen to work at MISI. Are you a US citizen?
- Bachelor’s (Required)
- Scripting: 10 years (Required)
- Virtualization: 10 years (Required)
- Cloud infrastructure: 10 years (Required)
- RF: 10 years (Preferred)
- Network Protocols and Security Vulnerabilties: 10 years (Required)
Work Location: In person