Mid-level Risk and Vulnerability Assessment (RVA) Tester

Analysis, Automated, Bash, CISSP, CMS, Database, Development, Java, Linux, MongoDB, MySQL, mysql, Networking, Oracle, Perl, Project, Python, Security, Source Code, Technical Writing, Tester, Testing, Windows
Full Time
Telecommuting not available Travel required to 35%.

Job Description

VariQ has an exciting opportunity for a highly qualified Mid-level Risk and Vulnerability Assessment (RVA) Tester to support the CMS project in Maryland.
Additional Information:  

* Location: Baltimore, MD with 35% travel component

* Salary: Dependent upon experience

* Security Clearance: Must be able to obtain "Public Trust" level 6 clearance. (SF-85 and SF-86 submission required)

* Available: ASAP


* Perform RVA penetration activities utilizing various automated tools

* Perform Network and Application penetration tests on a wide range of technologies using automated and manual testing techniques

* Exploit security flaws and vulnerabilities with regard to a predefined scope of work and ROE

* Interface with client(s) to plan and coordinate system assessments in a professional manner

* Prepare and Deliver well documented reports identifying weaknesses with mitigation strategies



* 5+ years of Security, Software Development or Networking Experience

* 2+ years of Manual Penetration Testing Experience exploiting various well known vulnerabilities (SQLi, XSS, CSRF, etc.)

* 1+ years working with automated vulnerability scanning tools (e.g., Nessus, Web Inspect, etc.)

* Demonstrated technical experience using Linux and Windows operating systems

* Demonstrated experience using the following security tools Burpsuite, Kali Linux, NMap

* Some network penetration testing experience (using the majority of the following: wireshark, metasploit, hydra, john, sqlmap

* Excellent technical writing skills and attention to detail

* Ability to work in a fast paced environment

* Exceptional customer facing communication skills

* This work will require up to 35% of travel in the US Continental.


* Ability to understand and demonstrate new concepts and technologies quickly

* Database Experience (Oracle, MSSQL, MySQL, MongoDB)

* Application Fuzzing and Web Services testing experience (WSFuzzer, SPIKE, Sulley, SoapUI, BurpSuite)

* Software Development and/or Scripting Experience in C++, Java, C#, perl, python or bash

* Source Code Review (aka Static Analysis) Experience

* Certifications (GPEN, GWAPT, OSCP, CEH, CISSP)

* Knowledge of NIST 800 series and/or FISMA

Clearance:   US Citizen - Must be able to obtain "Public Trust" level 6 clearance. (SF-85 and SF-86 submission required).

VariQ is an equal opportunity employer.


Category: IT Security
Dice Id : 10286792
Position Id : 3045
Have a Job? Post it

Similar Positions

Application Security Analyst
  • Gotham Technology
  • College Park, MD
Information Security Manager
  • CyberCoders
  • Silver Spring, MD
Sr Cybersecurity Specialist/Manager - SSA
  • Cohesion Consulting LLC
  • Woodlawn, MD
Cyber Security Architect
  • U.S. Tech Solutions Inc.
  • Baltimore, MD
Information Assurance Engineer
  • Leidos
  • Aberdeen Proving Ground, MD
Information Assurance (IA) / Cybersecurity Engineer
  • Capital Markets Placement
  • Aberdeen Proving Gro, MD
Cyber Intel Analyst
  • Zachary Piper
  • Linthicum Heights, MD
Lead IT Auditor
  • Zolon Tech Solutions Inc
  • Owings Mills, MD
Risk Advisory Associate
  • nTech Connect
  • Owings Mills, MD
Software Assurance Engineer
  • Axxum Technologies LLC
  • Washington, DC
Mid Red Team Operator
  • Blue Canopy Group LLC
  • Washington, DC