Created by arejoenah from the Noun Project

Why Work for BreakPoint Labs?

BreakPoint Labs is growing quickly and constantly seeking enthusiastic cybersecurity professionals to solve its clients’ most technical challenges. Through an established corporate culture, BreakPoint Labs embraces a highly technical, ‘geeky’ workforce passionate about developing and leveraging technology to secure cyberspace.

If you are interested in joining the BreakPoint Labs Team, please submit a copy of your resume to jobs@breakpoint-labs.com.

Why Us?






DevSecOps Lead (Washington, DC - Remote)

<BreakPoint Labs is seeking a DevSecOps Lead, you will be at the heart of the development, deployment, and operation of a suite of security applications supporting an enterprise Security Operations Center (SOC). You will lead a small team (4-6) of developers working across a variety of applications deployed within an “on-prem” environment that handles terabytes of data per day and a mid-sized user community. The DevSecOps Lead position will be the focal point for key technical design and implementation decisions as well as a contributor toward overall goals./>

Primary Responsibilities:

  • Defining technical roadmaps and milestones for individual capabilities across unclassified and classified environment.
  • Contributing to the technical code base and CI/CD infrastructure to ensure rapid development and deployment of applications in an automated fashion.
  • Assist in the collection, measurement, and reporting of technical key performance indicators.
  • Communicate the status of existing projects to stakeholders during weekly meetings.
  • Thorough understanding of full stack development and modern programming languages/applications, including but not limited to, Docker, GitLab, Python 3, Golang, Ansible, Prometheus, Grafana, Elasticsearch, and Kibana.
  • Technical contributions to bid and proposal efforts.

Experience:

  • Five (5) years of experience in the development, deployment, operation, and maintenance of applications in a large/distributed environment.
  • Strong Linux administration and development experience.
  • At least three (3) years of experience with Docker CE/EE.
  • Excellent written and oral communicator.
  • Programming languages/frameworks: Python 3, Golang, Django, PostgreSQL, YAML. (Preferred)
  • At least three (3) years of experience working with an DoD environment and knowledgeable about STIGs, SRGs, and accreditation processes. (Preferred)
  • Experience with large cloud service providers (AWS, Google Cloud, Microsoft Azure). (Preferred)

Education Requirements:

  • At least a Bachelor of Science degree in Computer Science, Computer Engineering, or Electrical Engineering.

Certification Requirements:

  • Ability to maintain IAT Level II DoD certifications.

Travel:

  • Between 5-25% travel.

Clearance:

  • Minimum of DoD Secret Clearance Required. (DoD Top Secret Preferred)






Penetration Tester (Remote)

<BreakPoint Labs is seeking a Penetration Tester to help perform adversarial emulation on traditional enterprise environments./>

Primary Responsibilities:

  • Assisting customers with penetration testing activities to include threat emulation against traditional network enterprise environments.
  • Maintain in-depth technical knowledge of adversarial activity in order to replicate similar tactics, techniques, and procedures (TTPs) during assessments.
  • Assess customers security posture through the use of automated tools and manual techniques to identify, verify and exploit security vulnerabilities.
  • Use creative approaches and techniques to identify vulnerabilities that are commonly missed in security assessments, and automated tools.
  • Trigger vulnerabilities and identify specific, meaningful risks to customers based on business and mission impact to critical infrastructure/network environments.
  • Provide detail-oriented technical assistance with remediation and mitigation efforts, often in the form of verbal and/or written communication to the customer.
  • Create comprehensive assessment reports that clearly define vulnerability findings and all scoped requirements defined within the rules of engagement.
  • Interface with client personnel and trusted agents to gather information, clarify scope and investigate security controls in depth.

Experience:

  • Ability to conduct full scope penetration testing of enterprise systems, including but not limited to: Active Directory (AD) enumeration, exploitation, and escalation of privileges, web application testing for custom flaws, wireless testing, password cracking, phishing and social engineering.
  • Knowledge of vulnerability scanning and testing tools (Nmap, Nessus, Burp Suite Professional, Cobalt Strike, Metasploit, EyeWitness, Whatweb, SQLMap, Shodan, Censys.io, and other tools as deemed appropriate for the mission.
  • Functional ability to leverage both Windows and Linux Operating Systems (OS).
  • Ability to adapt to new Techniques, Tactics, and Procedures (TTPs) associated with realistic threats to improve vulnerability findings.
  • Understanding of common attacker TTPs in order to perform threat analysis during assessments.
  • Experience troubleshooting and understanding vulnerability scanning, testing tools and manual testing techniques to determine vulnerability findings that are missed.
  • Experience with a scripting language to automate tasks (Python, Bash, Perl, etc.)

Education Requirements:

  • Bachelor's Degree and three (3) years of experience performing full scope penetration testing of enterprise systems. (Having OSCP can substitute for years of experience requested.)

Certification Requirements:

  • OSCP/OSCE (Preferred)

Travel:

  • Between 25-50% travel.

Clearance:

  • Minimum of DoD Secret Clearance (Preferred). If not may have to obtain a security clearance.
  • Must be a U.S. citizen and work in the United States.






Cybersecurity Analyst (Remote)

<BreakPoint Labs is seeking a Cybersecurity Analyst to perform on-site risk assessments of DoD applications, networks, systems, architectures, and infrastructure, using standards such as DoD Directive 8510.01, DoD Instruction 8500.01, and NIST Publications. The Cybersecurity Analyst will work as a member of a cohesive Team providing technical support to protect the DoD’s networks and information systems./>

Primary Responsibilities:

  • Serve as a Assessment and Authorization (A&A) validator with proficiency in DoDI 8510.01, Risk Management Framework (RMF) for DoD IT, and affiliated NIST security controls.
  • Conduct comprehensive RMF assessments, including preparation, execution, and concluding documentation, using Security Control Assessor (SCA)-approved processe.
  • Utilize DoD cybersecurity vulnerability scanning and security testing tools, and perform analysis of the results of these tools (i.e., Nessus, SCAP, STIG Checker, etc.)
  • Demonstrate technical experience in identifying vulnerabilities or misconfigurations across a wide variety of technologies.
  • Communicate technical information, often in the form of verbal and visual updates, technical reports, and briefings. Writing/documentation, presentation, and public speaking skills are required.
  • Accurately and efficiently record applicable information in the Enterprise Mission Assurance Support Service (eMASS) suite of modules, to include Asset Manager, in accordance with approved procedures and guidance.
  • Employ organizational and interpersonal skills to succeed in a fast-paced environment.

Experience:

  • Professional experience directly related to Information Technology Security, Network Systems Technology, or equivalent.
  • Working knowledge of DoDI 8510.01, CNSSI 1253, NIST 800-53 rev4.
  • Experience utilizing DoD-approved scanning/testing tools (Nessus, STIG Checker, SCAP, etc.) and performing analysis of output.
  • Experience using Electronic Mission Assurance Support Service (eMASS) is preferred.
  • Certification(s) commensurate with DoDI 8510.01 (DoDM 8570.01-M) IAT Level-II.
  • U.S. Passport required.

Education Requirements:

  • Bachelors Degree in Computer Science, Information Assurance, IT Management (or related).

Certification Requirements:

  • IAT-II Compliance.

Travel:

  • Up to 50% travel.

Clearance:

  • Minimum of Secret Clearance Required.






Intermediate Cybersecurity Analyst (Remote)

<BreakPoint Labs is seeking an Intermediate Cybersecurity Analyst to perform on-site risk assessments of DoD applications, networks, systems, architectures, and infrastructure, using standards such as DoD Directive 8510.01, DoD Instruction 8500.01, and NIST Publications. The Cybersecurity Analyst will work as a member of a cohesive Team providing technical support to protect the DoD’s networks and information systems./>

Primary Responsibilities:

  • Serve as a Assessment and Authorization (A&A) validator with proficiency in DoDI 8510.01, Risk Management Framework (RMF) for DoD IT, and affiliated NIST security controls.
  • Conduct comprehensive RMF assessments, including preparation, execution, and concluding documentation, using Security Control Assessor (SCA)-approved processes.
  • Apply knowledge of system administration functions on various operating systems.
  • Utilize DoD cybersecurity vulnerability scanning and security testing tools, and perform analysis of the results of these tools (i.e., Nessus, SCAP, STIG Checker, etc.)
  • Demonstrate technical experience in identifying vulnerabilities or misconfigurations across a wide variety of technologies
  • Communicate technical information, often in the form of verbal and visual updates, technical reports, and briefings. Writing/documentation, presentation, and public speaking skills are required.
  • Accurately and efficiently record applicable information in the Enterprise Mission Assurance Support Service (eMASS) suite of modules, to include Asset Manager, in accordance with approved procedures and guidance.
  • Ability and willingness to travel up to 50%, both in the Continental United States (CONUS) and Outside of the Continental United States (OCONUS).
  • Employ organizational and interpersonal skills to succeed in a fast-paced environment.

Experience:

  • Two (2) years of professional experience directly related to Information Technology Security, Network Systems Technology, or equivalent.
  • Working knowledge of DoDI 8510.01, CNSSI 1253, NIST 800-53 rev4.
  • Hands-on experience utilizing DoD-approved scanning/testing tools (Nessus, STIG Checker, SCAP, etc.) and performing analysis of output.
  • Experience using Electronic Mission Assurance Support Service (eMASS) is preferred.
  • Certification(s) commensurate with DoDI 8510.01 (DoDM 8570.01-M) IAT Level-III (i.e. CISA, GCIH, CISSP, CASP).
  • U.S. Passport required.

Education Requirements:

  • Bachelors Degree in Computer Science, Information Assurance, IT Management (or related).

Certification Requirements:

  • IAT-III Compliance.

Travel:

  • Up to 50% travel.

Clearance:

  • Minimum of Secret Clearance Required.





Cybersecurity Engineer (Remote)

<BreakPoint Labs is seeking a Cybersecurity Engineer to apply technical and functional expertise in leading and conducting on-site risk assessments of DoD networks, information systems, and applications, using standards such as DoD Directive 8510.01, DoD Instruction 8500.01, and NIST Publications. The Cybersecurity Engineer will work as a member of a Team providing technical support to protect the DoD’s networks and information systems./>

Primary Responsibilities:

  • Serve as an Assessment and Authorization (A&A) Subject Matter Expert (SME) with proficiency in DoDI 8510.01, Risk Management Framework (RMF) for DoD IT, and affiliated NIST security controls.
  • Conduct comprehensive RMF assessments, including coordination, preparation, execution, and concluding documentation.
  • Utilize DoD cybersecurity scanning tools and techniques (i.e., Nessus, SCAP, STIG Checker, etc.).
  • Demonstrate technical experience in identifying and mitigating and/or remediating vulnerabilities or misconfigurations.
  • Demonstrate knowledge of network devices and interconnections (i.e., routers, switches, IDS/IPS, firewalls, DNS).
  • Perform system administration functions on various operating systems, including Linux, Unix, and networking devices.
  • Communicate complex technical and programmatic information to a wide audience, often in the form of verbal and visual updates, technical reports, and/or briefings. Documentation, presentation, and public speaking skills are required.
  • Apply understanding of cybersecurity concepts, practices, and tools to administer classified and unclassified DoD networks and information systems.
  • Maintain on-going awareness of emerging cybersecurity threats and trends.
  • Develop and maintain the necessary technical documentation and standard operating procedures (SOPs).

Experience:

  • 5 years of IT experience.
  • 2 years of experience in conducting RMF and/or NIST assessments.
  • Functional knowledge of DoDI 8510.01, CNSSI 1253, NIST 800-53 rev4, and associated controls.
  • Familiarity with networking.
  • Familiarity with Electronic Mission Assurance Support Service (eMASS) (strongly preferred).
  • Certification(s) commensurate with DoDI 8510.01 (DoDM 8570.01-M) IAT Level-III (i.e. CISA, GCIH, CISSP, CASP). CISSP (preferred).

Education Requirements:

  • Bachelors Degree in Computer Science, Information Assurance, IT Management (or related).

Certification Requirements:

  • IAT-III Compliance.

Travel:

  • Up to 50% travel.

Clearance:

  • Top Secret Clearance Required.


Break the cycle.

Together, lets change the world. Let us be the ones to help.

Contact Us