Created by arejoenah from the Noun Project

Why Work for BreakPoint Labs?

BreakPoint Labs is growing quickly and constantly seeking enthusiastic cybersecurity professionals to solve its clients’ most technical challenges. Through an established corporate culture, BreakPoint Labs embraces a highly technical, ‘geeky’ workforce passionate about developing and leveraging technology to secure cyberspace.

If you are interested in joining the BreakPoint Labs Team, please submit a copy of your resume to jobs@breakpoint-labs.com.

Why Us?

Senior Cybersecurity Engineer (Control Systems) - Remote

<BreakPoint Labs is seeking a Senior Cybersecurity Engineer (Control Systems) to apply technical and functional expertise in protecting industrial control systems (ICS) to enable research and development efforts. The Senior Security Engineer will work as a member of a cohesive Team focused on developing and implementing capabilities to enable a secure, resilient operational technology (OT) environment./>

Primary Responsibilities:

  • Serve as technical lead in the design, implementation, vulnerability identification, and mitigation techniques and procedures that will aid clients in securing critical infrastructure systems against current and emerging threats.
  • Provide technical expertise in the application and tailoring of open source cybersecurity technologies to maximize situational awareness and overall resiliency of OT networks and systems.
  • Understand and articulate attack scenarios and emerging techniques related to OT, in order to provide strategies, mitigation techniques, and cybersecurity system design concepts to advance critical infrastructure cybersecurity posture.
  • Support the development of analytics to aid cyber operators with relevant OT data sets, including visualizing the data to effectively detect malicious activity.
  • Provide direct technical and programmatic support to Principal Investigator (PI), as necessary.

Experience:

  • Minimum of three (3) years experience focused on cybersecurity of OT, such as assessments of critical infrastructure/OT systems, analysis of ICS network traffic and protocols, or development of attack and defense methodologies for high risk ICS networks.
  • Minimum of seven (7) years of relevant cybersecurity experience, such as intrusion detection, vulnerability assessments, penetration testing, or incident response functions.
  • Familiarity with ICS-specific technologies and protocols.
  • Familiarity with relevant ICS standards, such as NIST 800-82 - Guide to ICS Security.

Education Requirements:

  • Bachelor's Degree at a minimum in Computer Science, Cyber Security or Information Technology.

Certification Requirements:

  • Security +, CISSP, PMP & GICSP (Preferred)

Travel:

  • Up to 5% Travel.

Clearance:

  • An active DoD Security Clearance.







Cybersecurity Analyst (Remote)

<BreakPoint Labs is seeking a Cybersecurity Analyst to perform on-site risk assessments of DoD applications, networks, systems, architectures, and infrastructure, using standards such as DoD Directive 8510.01, DoD Instruction 8500.01, and NIST Publications. The Cybersecurity Analyst will work as a member of a cohesive Team providing technical support to protect the DoD’s networks and information systems./>

Primary Responsibilities:

  • Serve as a Assessment and Authorization (A&A) validator with proficiency in DoDI 8510.01, Risk Management Framework (RMF) for DoD IT, and affiliated NIST security controls.
  • Conduct comprehensive RMF assessments, including preparation, execution, and concluding documentation, using Security Control Assessor (SCA)-approved processe.
  • Utilize DoD cybersecurity vulnerability scanning and security testing tools, and perform analysis of the results of these tools (i.e., Nessus, SCAP, STIG Checker, etc.)
  • Demonstrate technical experience in identifying vulnerabilities or misconfigurations across a wide variety of technologies.
  • Communicate technical information, often in the form of verbal and visual updates, technical reports, and briefings. Writing/documentation, presentation, and public speaking skills are required.
  • Accurately and efficiently record applicable information in the Enterprise Mission Assurance Support Service (eMASS) suite of modules, to include Asset Manager, in accordance with approved procedures and guidance.
  • Employ organizational and interpersonal skills to succeed in a fast-paced environment.

Experience:

  • Professional experience directly related to Information Technology Security, Network Systems Technology, or equivalent.
  • Working knowledge of DoDI 8510.01, CNSSI 1253, NIST 800-53 rev4.
  • Experience utilizing DoD-approved scanning/testing tools (Nessus, STIG Checker, SCAP, etc.) and performing analysis of output.
  • Experience using Electronic Mission Assurance Support Service (eMASS) is preferred.
  • Certification(s) commensurate with DoDI 8510.01 (DoDM 8570.01-M) IAT Level-II.
  • U.S. Passport required.

Education Requirements:

  • Bachelors Degree in Computer Science, Information Assurance, IT Management (or related).

Certification Requirements:

  • IAT-II Compliance.

Travel:

  • Up to 50% travel.

Clearance:

  • Minimum of Secret Clearance Required.






Intermediate Cybersecurity Analyst (Remote)

<BreakPoint Labs is seeking an Intermediate Cybersecurity Analyst to perform on-site risk assessments of DoD applications, networks, systems, architectures, and infrastructure, using standards such as DoD Directive 8510.01, DoD Instruction 8500.01, and NIST Publications. The Cybersecurity Analyst will work as a member of a cohesive Team providing technical support to protect the DoD’s networks and information systems./>

Primary Responsibilities:

  • Serve as a Assessment and Authorization (A&A) validator with proficiency in DoDI 8510.01, Risk Management Framework (RMF) for DoD IT, and affiliated NIST security controls.
  • Conduct comprehensive RMF assessments, including preparation, execution, and concluding documentation, using Security Control Assessor (SCA)-approved processes.
  • Apply knowledge of system administration functions on various operating systems.
  • Utilize DoD cybersecurity vulnerability scanning and security testing tools, and perform analysis of the results of these tools (i.e., Nessus, SCAP, STIG Checker, etc.)
  • Demonstrate technical experience in identifying vulnerabilities or misconfigurations across a wide variety of technologies
  • Communicate technical information, often in the form of verbal and visual updates, technical reports, and briefings. Writing/documentation, presentation, and public speaking skills are required.
  • Accurately and efficiently record applicable information in the Enterprise Mission Assurance Support Service (eMASS) suite of modules, to include Asset Manager, in accordance with approved procedures and guidance.
  • Ability and willingness to travel up to 50%, both in the Continental United States (CONUS) and Outside of the Continental United States (OCONUS).
  • Employ organizational and interpersonal skills to succeed in a fast-paced environment.

Experience:

  • Two (2) years of professional experience directly related to Information Technology Security, Network Systems Technology, or equivalent.
  • Working knowledge of DoDI 8510.01, CNSSI 1253, NIST 800-53 rev4.
  • Hands-on experience utilizing DoD-approved scanning/testing tools (Nessus, STIG Checker, SCAP, etc.) and performing analysis of output.
  • Experience using Electronic Mission Assurance Support Service (eMASS) is preferred.
  • Certification(s) commensurate with DoDI 8510.01 (DoDM 8570.01-M) IAT Level-III (i.e. CISA, GCIH, CISSP, CASP).
  • U.S. Passport required.

Education Requirements:

  • Bachelors Degree in Computer Science, Information Assurance, IT Management (or related).

Certification Requirements:

  • IAT-III Compliance.

Travel:

  • Up to 50% travel.

Clearance:

  • Minimum of Secret Clearance Required.






Cybersecurity Engineer (Remote)

<BreakPoint Labs is seeking a Cybersecurity Engineer to apply technical and functional expertise in leading and conducting on-site risk assessments of DoD networks, information systems, and applications, using standards such as DoD Directive 8510.01, DoD Instruction 8500.01, and NIST Publications. The Cybersecurity Engineer will work as a member of a Team providing technical support to protect the DoD’s networks and information systems./>

Primary Responsibilities:

  • Serve as an Assessment and Authorization (A&A) Subject Matter Expert (SME) with proficiency in DoDI 8510.01, Risk Management Framework (RMF) for DoD IT, and affiliated NIST security controls.
  • Conduct comprehensive RMF assessments, including coordination, preparation, execution, and concluding documentation.
  • Utilize DoD cybersecurity scanning tools and techniques (i.e., Nessus, SCAP, STIG Checker, etc.).
  • Demonstrate technical experience in identifying and mitigating and/or remediating vulnerabilities or misconfigurations.
  • Demonstrate knowledge of network devices and interconnections (i.e., routers, switches, IDS/IPS, firewalls, DNS).
  • Perform system administration functions on various operating systems, including Linux, Unix, and networking devices.
  • Communicate complex technical and programmatic information to a wide audience, often in the form of verbal and visual updates, technical reports, and/or briefings. Documentation, presentation, and public speaking skills are required.
  • Apply understanding of cybersecurity concepts, practices, and tools to administer classified and unclassified DoD networks and information systems.
  • Maintain on-going awareness of emerging cybersecurity threats and trends.
  • Develop and maintain the necessary technical documentation and standard operating procedures (SOPs).

Experience:

  • 5 years of IT experience.
  • 2 years of experience in conducting RMF and/or NIST assessments.
  • Functional knowledge of DoDI 8510.01, CNSSI 1253, NIST 800-53 rev4, and associated controls.
  • Familiarity with networking.
  • Familiarity with Electronic Mission Assurance Support Service (eMASS) (strongly preferred).
  • Certification(s) commensurate with DoDI 8510.01 (DoDM 8570.01-M) IAT Level-III (i.e. CISA, GCIH, CISSP, CASP). CISSP (preferred).

Education Requirements:

  • Bachelors Degree in Computer Science, Information Assurance, IT Management (or related).

Certification Requirements:

  • IAT-III Compliance.

Travel:

  • Up to 50% travel.

Clearance:

  • Top Secret Clearance Required.






Penetration Tester (Washington DC)

<BreakPoint Labs is seeking a Penetration Tester to help perform adversarial emulation on traditional enterprise environments./>

Primary Responsibilities:

  • Assisting customers with penetration testing activities to include threat emulation against traditional network enterprise environments.
  • Maintain in-depth technical knowledge of adversarial activity in order to replicate similar tactics, techniques, and procedures (TTPs) during assessments.
  • Assess customers security posture through the use of automated tools and manual techniques to identify, verify and exploit security vulnerabilities.
  • Use creative approaches and techniques to identify vulnerabilities that are commonly missed in security assessments, and automated tools.
  • Trigger vulnerabilities and identify specific, meaningful risks to customers based on business and mission impact to critical infrastructure/network environments.
  • Provide detail-oriented technical assistance with remediation and mitigation efforts, often in the form of verbal and/or written communication to the customer.
  • Create comprehensive assessment reports that clearly define vulnerability findings and all scoped requirements defined within the rules of engagement.
  • Interface with client personnel and trusted agents to gather information, clarify scope and investigate security controls in depth.

Experience:

  • Bachelor's Degree and three (3) years of experience performing full scope penetration testing of enterprise systems.
  • Ability to conduct full scope penetration testing of enterprise systems, including but not limited to: Active Directory (AD) enumeration, exploitation, and escalation of privileges, web application testing for custom flaws, wireless testing, password cracking, phishing and social engineering.
  • Knowledge of vulnerability scanning and testing tools (Nmap, Nessus, Burp Suite Professional, Cobalt Strike, Metasploit, EyeWitness, Whatweb, SQLMap, Shodan, Censys.io, and other tools as deemed appropriate for the mission.
  • Functional ability to leverage both Windows and Linux Operating Systems (OS).
  • Ability to adapt to new Techniques, Tactics, and Procedures (TTPs) associated with realistic threats to improve vulnerability findings.
  • Understanding of common attacker TTPs in order to perform threat analysis during assessments.
  • Experience troubleshooting and understanding vulnerability scanning, testing tools and manual testing techniques to determine vulnerability findings that are missed.
  • Experience with a scripting language to automate tasks (Python, Bash, Perl, etc.)

Education Requirements:

  • Cybersecurity, Information Technology, Computer Science, or Related.

Certification Requirements:

  • OSCP (Preferred).

Travel:

  • Up to 25% travel.

Clearance:

  • Secret (Preferred).







Senior Penetration Tester (Washington DC)

<BreakPoint Labs is seeking a Senior Penetration Tester to help perform adversarial emulation on traditional enterprise environments./>

Primary Responsibilities:

  • Assisting customers with penetration testing activities to include threat emulation against traditional network enterprise environments.
  • Maintain in-depth technical knowledge of adversarial activity in order to replicate similar tactics, techniques, and procedures (TTPs) during assessments.
  • Assess customers security posture through the use of automated tools and manual techniques to identify, verify and exploit security vulnerabilities.
  • Use creative approaches and techniques to identify vulnerabilities that are commonly missed in security assessments, and automated tools.
  • Trigger vulnerabilities and identify specific, meaningful risks to customers based on business and mission impact to critical infrastructure/network environments.
  • Provide detail-oriented technical assistance with remediation and mitigation efforts, often in the form of verbal and/or written communication to the customer.
  • Create comprehensive assessment reports that clearly define vulnerability findings and all scoped requirements defined within the rules of engagement.
  • Interface with client personnel and trusted agents to gather information, clarify scope and investigate security controls in depth.

Experience:

  • Bachelor's Degree and five (5) years of experience performing full scope penetration testing of enterprise systems.
  • Experience in a team lead or project management role.
  • Some technical Penetration Testing qualification: OSCP / OSCE (Preferred)
  • Ability to conduct full scope penetration testing of enterprise systems, including but not limited to: Active Directory (AD) enumeration, exploitation, and escalation of privileges, web application testing for custom flaws, wireless testing, password cracking, phishing and social engineering.
  • Knowledge of vulnerability scanning and testing tools (Nmap, Nessus, Burp Suite Professional, Cobalt Strike, Metasploit, EyeWitness, Whatweb, SQLMap, Shodan, Censys.io, and other tools as deemed appropriate for the mission.
  • Functional ability to leverage both Windows and Linux Operating Systems (OS).
  • Ability to adapt to new Techniques, Tactics, and Procedures (TTPs) associated with realistic threats to improve vulnerability findings.
  • Understanding of common attacker TTPs in order to perform threat analysis during assessments.
  • Experience troubleshooting and understanding vulnerability scanning, testing tools and manual testing techniques to determine vulnerability findings that are missed.
  • Experience with a scripting language to automate tasks (Python, Bash, Perl, etc.)

Education Requirements:

  • Cybersecurity, Information Technology, Computer Science, or Related.

Certification Requirements:

  • OSCP (Preferred).

Travel:

  • Up to 25% travel.

Clearance:

  • Secret (Preferred).


Break the cycle.

Together, lets change the world. Let us be the ones to help.

Contact Us