Avionics Penetration Tester - Junior - TGEE

Avionics Penetration Tester – Junior - TGEE

LOCATION: Edwards AFB, CA

Salary Range:Estimated $105,000 USD - $115,000 USD annually. 

JOB STATUS: Full-time

CLEARANCE: Secret

CERTIFICATION: See Below

TRAVEL: 20%

Astrion has an exciting opportunity for an SE-2 Cybersecurity Penetration Tester for the TMAS 2 96 CTG Task Order, supporting the 48 CTS / TGEE.  The 48th CTS/Det 1 conducts Cyber Security Test & Evaluation of Embedded Avionics & Weapons Systems for multiple platforms within the Air Force. There are two paths for this position identified below: Path 1 has a RF and Avionics Security emphasis while Path 2 focuses on Enterprise and Network Penetration Testing

REQUIRED QUALIFICATIONS / SKILLS

Core qualifications

• Technical BS Degree and 0-3 years of applicable experience. Additional experience may be substituted for education.
• Active Secret clearance is required and must be able to obtain/maintain a Top Secret clearance. U.S. Citizenship.
• Must have or be able to obtain DOD 8570 IAT Level 3 certification (CASP, CISSP, ISSEP, etc.) within 6 months of hire, and maintain certification throughout employment.
• Networking Fundamentals: A solid understanding of the OSI model, TCP/IP, network routing/switching, and common network protocols.
• Computer Architecture: Knowledge of computer and processor architecture, memory management, and familiarity with embedded systems.
• Operating Systems: Experience with Linux-based operating systems (e.g., Kali, Ubuntu) and comfort on the command line.
• Problem-Solving Aptitude: A demonstrated ability to approach complex technical challenges methodically. Experience with Capture The Flag (CTF) events, bug bounties, or personal security research projects is a significant advantage.
• Communication: Exceptional written and verbal skills. You must be able to document your test methodology and translate highly technical findings for non-technical audiences.

We are seeking driven candidates with a foundational skill set in one of the following two paths. You are not expected to be an expert in everything, but you must demonstrate a strong aptitude and passion for learning in both of these domains.

Path 1: RF and Avionics Security Focus

This path is for candidates with an interest in hardware, radio frequencies, and the specialized data buses that form the backbone of modern aircraft.

• Avionics Datalink Knowledge: Foundational understanding of military and civilian avionics data buses, primarily MIL-STD-1553 and ARINC 429. Familiarity with other protocols like Link 16 or CAN bus is a plus.
• RF Systems Experience: Prior experience with RF theory and hands-on use of test equipment. This includes:
• RF Analysis Tools: Spectrum Analyzers, Vector Signal Analyzers, and Network Analyzers.
• RF Generation Tools: Signal Generators and Arbitrary Waveform Generators.
• SDR Platforms: Hands-on use of tools like HackRF, USRP, or similar Software Defined Radios for signal analysis and manipulation.
• Signal Analysis: Experience capturing and analyzing RF signals using tools like Wireshark, GNU Radio, or custom scripts. 

Path 2: Enterprise and Network Penetration Testing Focus

This path is for candidates with a background in traditional network, application, and operating system security.

• Penetration Testing Tools: Hands-on experience with the tools of the trade. You should be comfortable with:
• Discovery & Enumeration: Nmap, Nessus, and enumeration scripts.
• Exploitation: Metasploit Framework, Burp Suite, Bloodhound, Impacket, and all other standard penetration test tool and C2 frameworks (Mythic C2 and Silver).
• Advanced Scripting & Automation: Strong proficiency in scripting to automate tasks, modify exploits, and create custom tools. You must be comfortable with:
• Python: For tool development and data parsing.
• Bash & PowerShell: For system administration, automation, and command-line operations.
• Exploit Development/Modification: The ability to analyze and rewrite pre-existing scripts, tools, or public exploits to function effectively on unique or constrained target systems.
• Demonstrated proficiency in bypassing modern, layered security defenses (e.g., EDR, advanced firewalls, network traffic analysis) to establish and maintain persistent, C2 (Command and Control) access within a contested network environment.

DESIRED QUALIFICATIONS / SKILLS

• Active TS/SCI preferred.
• OSCP, CPTS, PNPT certifications desired.
• Prior understanding of aircraft avionics navigation, communication, and datalinks is desired (GPS, ACARS, Mode-S, Link-16, and etc.)
• For Path 1, an understanding of modulation schemes and protocol reverse engineering is highly desired.

RESPONSIBILITIES

• Execute Full-Spectrum Penetration Tests: Plan and conduct security assessments on advanced avionics, embedded systems, traditional IP systems, and RF datalinks for various DoD and federal customers.
• Become a Systems Expert: Dive deep into technical documentation to uncover design flaws and potential cybersecurity weaknesses before they become a threat.
• Develop Custom Test Plans: Author comprehensive test plans and detailed procedures to validate the cyber resiliency of mission-critical platforms.
• Analyze and Report: Meticulously analyze test data and translate complex technical findings into clear, actionable reports for pilots, engineers, and leadership.
• Collaborate with the Best: Work alongside operational testers and pilots to identify vulnerabilities that could impact real-world missions and help develop cyber-contested environments for resiliency testing.