Job Description

The completion of this penetration testing is expected to be completed by September 30, 2021, with detailed reports of results and findings. There will be two categories of reports: (1) specific, detailed reports for each department with redactions as agreed with the ISO team; and (2) a separate countywide report which will contain general highlights of the findings, as well as recommendations.

Goals: Completion of each goal will be approved by the County’s ISO team .Planning Phase: The Vendor will provide security assessment methodology documentation pertaining to consistency and structure utilized to minimize testing impact. Any vendor personnel and/or equipment coordination to be completed during this phase.

Execution Phase: The Candidate  will document any vulnerabilities found and show proof (screenshots) of the vulnerability in the report.

Post Execution Phase: The Candidate will document, disclose any alteration and perform appropriate cleanup of any accounts, tools, software/hardware installed in SCC premise. The Candidate  removal of accounts and test tools will ensure the accounts or remnant tools and will not be exploited or used against SCC.

Assessment Goal: The goal of the engagement is to simulate an attack externally and internally to identify any weaknesses to SCC systems. A successful attack will include the following:

•Obtain sensitive data from County database (Anonymize data in documentation/reports).

•Compromise of an intermediary device used by privileged users to access the Database, Web, and or systems.

•Obtain sensitive data or compromise of Domain, Web Servers, and/or DBA with privileged user credentials.

•Elevated Privilege compromise of the systems and servers.

Company Description

Computer Consultants International, Inc. (CCI) is an IT Consulting Firm with more than 20 years of experience providing effective, expert-level services in industries such as Construction, Technology, Finance, Healthcare, and Government. CCI focuses on building long-term relationships while completing projects from design to delivery. People are CCI's key component for success. Recruiting utmost-quality individuals for our clients, CCI fields a workforce of individuals who are selected not only because of their technical qualifications but also for their achievements as substantial, contributing human beings. In government work and in the commercial market, high standards of ethics and accountability are critical. Therefore our people are chosen for their integrity and ability to maintain relationships, as well as expertise in their field. To learn more about CCI, visit us online at www.cci-worldwide.com.