Serco Inc.

DHS Penetration Tester/Security Controls Assessor

ID: 66233
Recruiting Location: US-DC-
Category: Engineering
Position Type: Full-Time
Security Clearance: Secret
Telework: Yes - May Consider Occasional/Part Time Teleworking for this position

Position Description

Serco is excited to begin providing cybersecurity assessment services to support Department of Homeland Security (DHS) Headquarters (HQ), Office of the Chief Information Officer (OCIO). We are seeking skilled and motivated Junior, Mid, and Senior-level Penetration Testers to join our team. As a Penetration Tester or Security Controls Assessor, you will play a critical role in identifying vulnerabilities and enhancing the security posture of our clients' systems. You will work closely with a team of cybersecurity professionals to conduct comprehensive security assessments, simulate real-world attacks, and provide actionable insights to mitigate risks.

 

The successful applicant's primary job duties will include supporting penetration testing exercises throughout various DHS information systems, applications, and networks.

 

In this role you will be:

 

  • Conducting thorough penetration testing on DHS information systems, applications, and networks to identify security vulnerabilities.
  • Developing and executing test plans, methodologies, and scripts to simulate real-world cyber-attacks.
  • Analyzing test results to provide detailed reports and recommendations for remediation and risk mitigation.
  • Collaborating with IT and security teams to implement security improvements and verify the effectiveness of security measures.
  • Staying up-to-date with the latest security trends, tools, and techniques to ensure cutting-edge testing practices.
  • Assisting in the development of security policies, procedures, and guidelines to enhance overall security posture.
  • Providing technical guidance and support to team members and stakeholders on cybersecurity best practices.
  • Conducting comprehensive assessments of security controls for DHS information systems to ensure compliance with the RMF framework.
  • Evaluating the effectiveness of security controls and identifying areas for improvement.
  • Preparing detailed assessment reports, including findings, recommendations, and risk assessments.
  • Developing security documentation, including System Security Plans (SSPs), Security Assessment Plans (SAPs), and Plans of Action and Milestones (POA&Ms).
  • Collaborating with system owners, security teams, and stakeholders to address compliance gaps and enhance security measures.
  • Staying informed about the latest developments in cybersecurity regulations, standards, and best practices.
  • Providing guidance and support to ensure continuous compliance with federal cybersecurity requirements.

 

Qualifications

To be successful in this role, you will have:   

  • Associate's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or
    • 5 years of pentesting experience with GED/High School Diploma.
  • Proven experience in penetration testing, web application assessments, and/or ethical hacking.
  • Strong knowledge of security testing tools and frameworks such as Metasploit, Burp Suite, Nmap, etc.
  • Familiarity with various operating systems, network protocols, and security architectures.
  • Experience providing cybersecurity services within DHS or its subordinate organizations is highly desirable.
  • Strong knowledge of security testing tools and frameworks such as ACAS, STIGs, etc.
  • Excellent problem-solving skills and attention to detail.
  • Strong communication skills to effectively convey technical information to non-technical stakeholders. 
  • An active secret clearance. 
  • The ability to travel up to 25% of the time.

Additional Desired Skills:

  • Relevant certifications such as GISP, CEH, OSCP, OSCE, or other SANS and/or Offensive Security certifications are highly desirable.
  • Relevant certifications include any IAT Level II certifications such as Security+, CISP, CISSP, etc.
  • High Value Asset (HVA) certifications are highly desirable.

** Serco Inc. is using this posting for the purpose of responding to a proposal. We are seeking qualified candidates in the event of a contract award. This position is not currently funded/active.  Should Serco be awarded the contract, and you meet the qualifications of the position, you will be considered in the selection process.**

 

 

Company Overview

Serco Inc. (Serco) is the Americas division of Serco Group, plc. In North America, Serco’s 9,000+ employees strive to make an impact every day across 100+ sites in the areas of Defense, Citizen Services, and Transportation. We help our clients deliver vital services more efficiently while increasing the satisfaction of their end customers. Serco serves every branch of the U.S. military, numerous U.S. Federal civilian agencies, the Intelligence Community, the Canadian government, state, provincial and local governments, and commercial clients. While your place may look a little different depending on your role, we know you will find yours here. Wherever you work and whatever you do, we invite you to discover your place in our world. Serco is a place you can count on and where you can make an impact because every contribution matters.




To review Serco benefits please visit: https://www.serco.com/na/careers/benefits-of-choosing-serco. If you require an accommodation with the application process please email: careers@serco-na.com or call the HR Service Desk at 800-628-6458, option 1. Please note, due to EEOC/OFCCP compliance, Serco is unable to accept resumes by email.




Candidates may be asked to present proof of identity during the selection process. If requested, this will require presentation of a government-issued I.D. (with photo) with name and address that match the information entered on the application. Serco will not take possession of or retain/store the information provided as proof of identity. For more information on how Serco uses your information, please see our Applicant Privacy Policy and Notice.




Serco does not accept unsolicited resumes through or from search firms or staffing agencies without being a contracted approved vendor. All unsolicited resumes will be considered the property of Serco, and Serco will not be obligated to pay a placement or contract fee. If you are interested in becoming an approved vendor at Serco, please email Agencies@serco-na.com.




Serco is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.


