Cyber Security Engineer

Pyramid Systems, Inc. is an award-winning technology leader focused on driving digital transformation across federal agencies. They are seeking a Cyber Security Engineer to support federal customers by conducting security assessments, vulnerability scanning, and penetration testing while ensuring compliance with industry standards.

Responsibilities:

• Leverage expertise in host identification, vulnerability exploitation techniques, and phishing methodologies to support cyber assessment and security operations
• Develop and execute custom scripts and payloads to enable automated testing, simulation, and validation of security controls
• Perform database management tasks and system/network administration to maintain secure, reliable, and well-configured environments
• Apply in-depth knowledge of industry-standard assessment and exploitation tools, including Metasploit, Nmap, Burp Suite, PowerSploit, and Cobalt Strike, to conduct comprehensive security evaluations
• Operate effectively in fast-paced, dynamic environments while ensuring alignment with FISMA requirements and NIST 800-series security standards
• Conduct network mapping, vulnerability scanning, penetration testing, and web application security testing to identify and mitigate security weaknesses
• Initiate and execute security assessments, including Phishing Assessments, Wireless Assessments, Operating System Security Assessments, and Database Security Assessments
• Document assessment findings and deliver concise risk and remediation reports to stakeholders
• Partner with SOC, IT, and compliance teams to strengthen overall security posture
• Assist with incident response and threat-hunting activities, including root-cause analysis

Requirements:

• US Citizenship required and the ability to obtain and maintain a Public Trust Clearance
• Bachelor's Degree or Higher in Cyber Security or related field is preferred
• Minimum of 3+ years operational experience and at least one related industry certification (OSCP, OSCE, GPEN, GXPN, or equivalent)
• Significant knowledge of FISMA and NIST 800-series standards
• Experience with network mapping, vulnerability scanning, penetration testing, and web application testing
• Experience conducting phishing, wireless, operating system, and database security assessments
• Experience and ability to coordinate, maintain, transport, and set up assessment equipment
• Proficiency operating assessment tools per SOPs and government direction
• Proven experience conducting host identification and exploiting system and network vulnerabilities
• Hands-on experience executing phishing techniques and supporting phishing assessment activities
• Experience developing scripts and creating payloads to support cyber security testing and assessments
• Practical experience performing database operations and administering systems and networks
• Experience leveraging security assessment tools such as Metasploit, Nmap, Burp Suite, PowerSploit, and Cobalt Strike to support assessment objectives