Overview
On Site
USD 100,000.00 - 200,000.00 per year
Contract - Independent
Skills
Cyber Security
Mapping
Test Plans
Management
FOCUS
Testing
Test Methods
Social Engineering
Reporting
Security Clearance
Regulatory Compliance
FISMA
FedRAMP
Penetration Testing
Operating Systems
Microsoft Windows
Linux
OS X
Python
Windows PowerShell
Bash
Scripting
Network
Web Testing
Web Applications
Active Directory
Cloud Computing
Amazon Web Services
Microsoft Azure
Google Cloud
Google Cloud Platform
OSCP
Certified Ethical Hacker
GPEN
Privacy
Marketing
Job Details
Location: Konterra, MD
Salary: $100,000.00 USD Annually - $200,000.00 USD Annually
Description:
Company: Top tier provider to the Fed Gov
Position: Pen Tester
Location: onsite 5 days a week Beltsville, MD
Clearance: Secret or higher
Provide penetration testing services using a variety of tactics, techniques, and procedures to identify exploitable vulnerabilities in networks and systems while also measuring compliance with organizational security policies, testing whether staff are aware of security issues, and ultimately determining the organization's risk to cybersecurity threats.
Perform network mapping and reconnaissance, document Rules of Engagement to guide the scope, develops test plan, and assists with acquiring management approval.
External Testing: Conduct a variety of penetration tests based on system's criticality, test objectives, and organization's requirements to include:
Working with IT personnel to define scope for targeted testing
Mimicking an outside attacker to gain access to system and what information can be accessed.
Internal Testing: Mimic an outside an insider attack to determine risk employees with various access levels pose to the organization.
Red Team Testing: Focus testing activity towards accessing specific target datasets. Testing methodology should include crafted e-mails, custom public websites, exploit code, and social engineering.
Analyze test results, develop a report on discovered vulnerabilities, and provide risk-based recommendations to remediate those vulnerabilities.
Core Requirements
Active Security Clearance
Federal Contracting Experience
Familiarity with working in government environments, including compliance with NIST, FISMA, and FedRAMP standards.
Technical Skills
Penetration Testing Tools
Vulnerability Remediation
Operating Systems Expertise
Deep understanding of Windows, Linux, and macOS internals.
Scripting & Programming
Experience with Python, PowerShell, Bash, or other scripting languages used in automation and exploit development.
Network & Web Application Testing
Ability to identify and exploit vulnerabilities in networks, APIs, and web applications (e.g., SQLi, XSS, CSRF).
Active Directory & Cloud Environments
Experience with AD enumeration and exploitation; familiarity with cloud platforms like AWS, Azure, and Google Cloud Platform.
Certifications (Preferred)
HVA Operator Certification strongly desired
OSCP (Offensive Security Certified Professional)
CEH (Certified Ethical Hacker)
GPEN (GIAC Penetration Tester)
CPT (Certified Penetration Tester)
By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.
Contact:
This job and many more are available through The Judge Group. Please apply with us today!
Salary: $100,000.00 USD Annually - $200,000.00 USD Annually
Description:
Company: Top tier provider to the Fed Gov
Position: Pen Tester
Location: onsite 5 days a week Beltsville, MD
Clearance: Secret or higher
Provide penetration testing services using a variety of tactics, techniques, and procedures to identify exploitable vulnerabilities in networks and systems while also measuring compliance with organizational security policies, testing whether staff are aware of security issues, and ultimately determining the organization's risk to cybersecurity threats.
Perform network mapping and reconnaissance, document Rules of Engagement to guide the scope, develops test plan, and assists with acquiring management approval.
External Testing: Conduct a variety of penetration tests based on system's criticality, test objectives, and organization's requirements to include:
Working with IT personnel to define scope for targeted testing
Mimicking an outside attacker to gain access to system and what information can be accessed.
Internal Testing: Mimic an outside an insider attack to determine risk employees with various access levels pose to the organization.
Red Team Testing: Focus testing activity towards accessing specific target datasets. Testing methodology should include crafted e-mails, custom public websites, exploit code, and social engineering.
Analyze test results, develop a report on discovered vulnerabilities, and provide risk-based recommendations to remediate those vulnerabilities.
Core Requirements
Active Security Clearance
Federal Contracting Experience
Familiarity with working in government environments, including compliance with NIST, FISMA, and FedRAMP standards.
Technical Skills
Penetration Testing Tools
Vulnerability Remediation
Operating Systems Expertise
Deep understanding of Windows, Linux, and macOS internals.
Scripting & Programming
Experience with Python, PowerShell, Bash, or other scripting languages used in automation and exploit development.
Network & Web Application Testing
Ability to identify and exploit vulnerabilities in networks, APIs, and web applications (e.g., SQLi, XSS, CSRF).
Active Directory & Cloud Environments
Experience with AD enumeration and exploitation; familiarity with cloud platforms like AWS, Azure, and Google Cloud Platform.
Certifications (Preferred)
HVA Operator Certification strongly desired
OSCP (Offensive Security Certified Professional)
CEH (Certified Ethical Hacker)
GPEN (GIAC Penetration Tester)
CPT (Certified Penetration Tester)
By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.
Contact:
This job and many more are available through The Judge Group. Please apply with us today!
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.