Mid-level Risk and Vulnerability Assessment (RVA) Tester

Analysis, Automated, Bash, CISSP, CMS, Database, Development, Java, Linux, MongoDB, MySQL, mysql, Networking, Oracle, Perl, Project, Python, Security, Source Code, Technical Writing, Tester, Testing, Windows
Full Time
Telecommuting not available Travel required to 35%.

Job Description

VariQ has an exciting opportunity for a highly qualified Mid-level Risk and Vulnerability Assessment (RVA) Tester to support the CMS project in Maryland.
Additional Information:  

* Location: Baltimore, MD with 35% travel component

* Salary: Dependent upon experience

* Security Clearance: Must be able to obtain "Public Trust" level 6 clearance. (SF-85 and SF-86 submission required)

* Available: ASAP


* Perform RVA penetration activities utilizing various automated tools

* Perform Network and Application penetration tests on a wide range of technologies using automated and manual testing techniques

* Exploit security flaws and vulnerabilities with regard to a predefined scope of work and ROE

* Interface with client(s) to plan and coordinate system assessments in a professional manner

* Prepare and Deliver well documented reports identifying weaknesses with mitigation strategies



* 5+ years of Security, Software Development or Networking Experience

* 2+ years of Manual Penetration Testing Experience exploiting various well known vulnerabilities (SQLi, XSS, CSRF, etc.)

* 1+ years working with automated vulnerability scanning tools (e.g., Nessus, Web Inspect, etc.)

* Demonstrated technical experience using Linux and Windows operating systems

* Demonstrated experience using the following security tools Burpsuite, Kali Linux, NMap

* Some network penetration testing experience (using the majority of the following: wireshark, metasploit, hydra, john, sqlmap

* Excellent technical writing skills and attention to detail

* Ability to work in a fast paced environment

* Exceptional customer facing communication skills

* This work will require up to 35% of travel in the US Continental.


* Ability to understand and demonstrate new concepts and technologies quickly

* Database Experience (Oracle, MSSQL, MySQL, MongoDB)

* Application Fuzzing and Web Services testing experience (WSFuzzer, SPIKE, Sulley, SoapUI, BurpSuite)

* Software Development and/or Scripting Experience in C++, Java, C#, perl, python or bash

* Source Code Review (aka Static Analysis) Experience

* Certifications (GPEN, GWAPT, OSCP, CEH, CISSP)

* Knowledge of NIST 800 series and/or FISMA

Clearance:   US Citizen - Must be able to obtain "Public Trust" level 6 clearance. (SF-85 and SF-86 submission required).

VariQ is an equal opportunity employer.


Category: IT Security
Dice Id : 10286792
Position Id : 3045
Have a Job? Post it

Similar Positions

  • Career Advancements, Inc.
  • Aberdeen, MD
Vulnerability Management Analyst
  • Baltimore, MD
Cyber Security
  • Lenmar Consulting
  • Baltimore, MD
Information Assurance/Security Specialist
  • Delta Risk LLC
  • Linthicum, MD
Jr. Program Security Analyst
  • Omm Inc
  • Windsor Mill, MD
Cyber Security Analyst - CNDSP (TS/SCI)
  • By Light Professional IT Services
  • Fort Meade, MD
Cyber Security Architect
  • U.S. Tech Solutions Inc.
  • Baltimore, MD
Information Security Analyst - Corporate
  • FEi Systems
  • Columbia, MD
Information Security Analyst
  • Robert Half Technology
  • Silver Spring, MD
  • Greenbelt, MD
Cyber Security Engineer
  • ASM Research
  • Greenbelt, MD
ISSO Junior-Level
  • Squires Group, Inc
  • Columbia, MD