We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
Astrion jobs

Avionics Penetration Tester - Midlevel

Astrion
$120,000.00 - $140,000.00 / yr
United States, California, Edwards Air Force Base
Mar 06, 2026
Overview

Avionics Penetration Tester - Mid-Level - TGEE

LOCATION: Edwards AFB, CA

Salary Range: Estimated $120,000.00 USD - $140,000.00 USD annually

JOB STATUS:Full-time

CLEARANCE: Secret

CERTIFICATION: See Below

TRAVEL: 20%

Astrion has an exciting opportunity for an SE-3 Cybersecurity Penetration Tester for the TMAS 2 96 CTG Task Order, supporting the 48 CTS / TGEE. The 48th CTS/Det 1 conducts Cyber Security Test & Evaluation of Embedded Avionics & Weapons Systems for multiple platforms within the Air Force.

REQUIRED QUALIFICATIONS / SKILLS

Core qualifications

  • Technical BS Degree and 3-10 years of applicable experience. Additional experience may be substituted for education.
  • Active Secret clearance is required and must be able to obtain/maintain a Top Secret clearance. U.S. Citizenship is required.
  • Must have or be able to obtain DOD 8140 IAT Level 3 certification (CASP, CISSP, ISSEP, etc.) within 6 months of hire, and maintain certification throughout employment.

And

  • Prior understanding of aircraft avionics navigation, communication, and datalinks is desired (GPS, ACARS, Mode-S, Link-16, and etc.)
  • Proficiency in analyzing and/or manipulating avionics communication protocols, such as ARINC 429, MIL-STD-1553.
  • Military aircraft operations, maintenance, test or acquisition experience is desired.
  • Prior knowledge and applicable experience using various RF testing tools such as HackRF, SDR's, spectrum analyzers, and Wireshark.
  • Knowledge of common vulnerabilities and attack vectors in aviation systems, including but not limited to buffer overflows, injection attacks, and protocol manipulation.
  • Understanding of aircraft network architectures, including intra-aircraft networks and inter-aircraft networks (e.g., Air Traffic Management Data Link, Aircraft Communications Addressing and Reporting System).
  • Understanding of cryptographic principles and their application in aviation security, including key management, encryption algorithms, and digital signatures.

Or

  • Familiarity with industry-standard frameworks and methodologies for conducting penetration tests, such as OWASP Testing Guide and NIST SP 800-115
  • Knowledge of endpoint security technologies and techniques, such as antivirus, host-based intrusion detection/prevention systems (HIDS/HIPS), and privilege escalation exploits.
  • Experience in identifying and exploiting security vulnerabilities in web applications, including injection flaws, cross-site scripting (XSS), and insecure direct object references (IDOR).
  • Familiarity with common networking protocols and technologies, such as TCP/IP, DNS, DHCP, VLANs, VPNs, and SSL/TLS.
  • Proficiency in conducting vulnerability assessments and penetration tests on network infrastructure, including routers, switches, firewalls, and servers.
  • Ability to effectively communicate technical findings and recommendations to both technical and non-technical stakeholders through detailed reports and presentations.
  • Prior experience with the use of enterprise penetration test tools. (nmap, Nessus, BurpSuite, Hydra, Metasploit, BloodHound.)
  • Continuous learning and staying updated with the latest security trends, vulnerabilities, and attack techniques through self-study, training, and participation in industry conferences and events.
  • Experience with python, bash, and PowerShell scripts
  • Capable of rewriting preexisting scripts, tools, or exploits to work on target systems.
  • Conduct penetration tests on Active Directory environments, leveraging tools like BloodHound and PowerView for reconnaissance and enumeration, to identify vulnerabilities and attack paths.
  • Execute advanced attack techniques, including pass-the-hash and golden ticket attacks, to assess the effectiveness of Active Directory security controls and simulate real-world threat scenarios.
  • Provide actionable recommendations and remediation strategies to improve the security posture of Active Directory infrastructures, emphasizing best practices such as least privilege principles and strong password policies.
  • Demonstrate the ability to complete a CTF if requested

DESIRED QUALIFICATIONS / SKILLS

  • Bachelor's Degree in either Engineering or Cybersecurity related Discipline desired.
  • Active TS/SCI preferred.
  • OSCP, CPTS, PNPT certifications desired.
  • Prior understanding of aircraft avionics navigation, communication, and datalinks is desired (GPS, ACARS, Mode-S, Link-16, and etc.)

RESPONSIBILITIES

  • Execute test projects and program objectives with various DoD and federal agency customers
  • Review technical documentation related to Avionics Embedded Systems and RF datalinks and identify potential design shortfalls that might result in a cybersecurity weakness
  • Develop test corpus and test plans to validate the presence of weaknesses
  • Analysis data from test events and present this data in a coherent and accurate manner for the customer
  • Work with operational testers and pilots to identify vulnerabilities which might affect the cyber resiliency of the platform for a given mission
  • Assist with developing cyber contested environments to demonstrate the resiliency of the platform under test

#LI-AD1

#CJ

Applied = 0
MORE JOBS LIKE THIS

(web-6bcf49d48d-kx4md)