Mid-level Risk and Vulnerability Assessment (RVA) Tester

Analysis, Automated, Bash, CISSP, CMS, Database, Development, Java, Linux, MongoDB, MySQL, mysql, Networking, Oracle, Perl, Project, Python, Security, Source Code, Technical Writing, Tester, Testing, Windows
Full Time
Telecommuting not available Travel required to 35%.

Job Description

VariQ has an exciting opportunity for a highly qualified Mid-level Risk and Vulnerability Assessment (RVA) Tester to support the CMS project in Maryland.
Additional Information:  

* Location: Baltimore, MD with 35% travel component

* Salary: Dependent upon experience

* Security Clearance: Must be able to obtain "Public Trust" level 6 clearance. (SF-85 and SF-86 submission required)

* Available: ASAP


* Perform RVA penetration activities utilizing various automated tools

* Perform Network and Application penetration tests on a wide range of technologies using automated and manual testing techniques

* Exploit security flaws and vulnerabilities with regard to a predefined scope of work and ROE

* Interface with client(s) to plan and coordinate system assessments in a professional manner

* Prepare and Deliver well documented reports identifying weaknesses with mitigation strategies



* 5+ years of Security, Software Development or Networking Experience

* 2+ years of Manual Penetration Testing Experience exploiting various well known vulnerabilities (SQLi, XSS, CSRF, etc.)

* 1+ years working with automated vulnerability scanning tools (e.g., Nessus, Web Inspect, etc.)

* Demonstrated technical experience using Linux and Windows operating systems

* Demonstrated experience using the following security tools Burpsuite, Kali Linux, NMap

* Some network penetration testing experience (using the majority of the following: wireshark, metasploit, hydra, john, sqlmap

* Excellent technical writing skills and attention to detail

* Ability to work in a fast paced environment

* Exceptional customer facing communication skills

* This work will require up to 35% of travel in the US Continental.


* Ability to understand and demonstrate new concepts and technologies quickly

* Database Experience (Oracle, MSSQL, MySQL, MongoDB)

* Application Fuzzing and Web Services testing experience (WSFuzzer, SPIKE, Sulley, SoapUI, BurpSuite)

* Software Development and/or Scripting Experience in C++, Java, C#, perl, python or bash

* Source Code Review (aka Static Analysis) Experience

* Certifications (GPEN, GWAPT, OSCP, CEH, CISSP)

* Knowledge of NIST 800 series and/or FISMA

Clearance:   US Citizen - Must be able to obtain "Public Trust" level 6 clearance. (SF-85 and SF-86 submission required).

VariQ is an equal opportunity employer.


Category: IT Security
Dice Id : 10286792
Position Id : 3045
Have a Job? Post it

Similar Positions

Secure Code Tester at Washington,DC
  • Tech Rakers
  • Washington, DC
Secure Code Tester
  • Lumen Solutions Inc
  • Washington, DC
Penetration Tester
  • Axxum Technologies LLC
  • Washington, DC
Cyber Security Penetration Tester
  • Capital Markets Placement
  • Washington, DC
Secure Code Tester
  • CC Pace Systems, Inc.
  • Washington, DC
Secure Code Tester
  • ALTEK Information Technology, Inc
  • Washington, DC
Penetration Tester
  • ALTA IT Services
  • Washington, DC
Penetration tester (Secure Code Tester)
  • Tekcel Inc
  • Washington, DC
Application Security Assessor/Penetration Tester
  • Blue Canopy Group LLC
  • Arlington, VA
Penetration/Secure Code Tester
  • Comtech LLC
  • Washington, DC
Web Application/Penetration Tester
  • Smartlink, LLC (HQ)
  • Washington, DC
Secure Code Tester
  • xScion Solutions
  • Washington, DC
Application Penetration Tester
  • SBC Solutions
  • Arlington, VA
Penetration Tester with IA
  • AETEA Information Technology Inc
  • Washington, DC