Penetration Application Security Tester

Penetration Tester experience, cyber security experience
Contract W2, 1 Years
Depends on Experience
Work from home not available Travel not required

Job Description

Please note that this is a 1 year contract position.

Plan, communicate, coordinate and perform penetration testing, application testing, and security assessments at application, system and enterprise level
Develop Rules of Engagement, scoping documents and reports
Perform manual penetration tests and validation of vulnerability scan results
Develops automation/scripts for replicating vulnerability validation and penetration tests
Devises plans and scenarios for various types of penetration tests
Documents vulnerabilities, relevant exploits, and remediations in final vulnerability assessment report
Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities
Contributes to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk
Selects, installs, and configures security testing platforms and tools or develop tools and procedures for penetration tests
Performs penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.)
Performs off-hours work as necessary

Required Skills:
Must be eligible to obtain a sensitive clearance Position of Public Trust and may be required to obtain a higher security clearance.
3-5 years of penetration testing experience is required
Experience with web and mobile applications, databases, operating systems
Experience in penetration testing large and complex enterprise networks
Experience with utilizing penetration testing framework such as OWASP or Mitre Att&ck Framework.
Experience with regulatory compliance, policy development, and policy enforcement
Experience with FISMA / PCI-DSS compliance, ISO 27000 / NIST SP 800 Frameworks
Experience in the roles identified above
4+ years of network or system security
3+ years of penetration test experience
Excellent communication and interpersonal skills
Hands-on OS configuration/administration experience
Programming experience with focus on penetration testing or process automation
Experience with the following technologies:
o Kali Linux
o Metasploit
o Nmap
o Burp Suite

Desired Skills:
Experience with cyber security development projects and programs for U.S. Government and/or commercial clients
Experience with process development and deployment
Experience with the following technologies:
o Nessus
o Tenable SecurityCenter
o HP Fortify
o IBM AppScan
o WebInspect
Experience with three or more of the following:
o Security COTS integration
o Operating System Hardening
o Vulnerability Assessment testing
o Identification and Authentication schemes
o Public Key Infrastructure and Identity Management
o Cross Domain Solutions
o Reverse Engineering
o Security engineering
o Mobile Technologies
o Cloud Computing
Excellent writing skills

Required Education:
Bachelor s Degree in related field. Or in lieu of degree, equivalent experience in military, civil, or corporate areas will be considered.

Desired Certifications (one or more):
o OSCP,
o CISSP,
o SANS GCIH/GPEN/GWAPT
o CEH preferred.

Applicants must provide their phone number. Reference Job Number 4411

Posted By

San Francisco, CA

Contact
Dice Id : NETSO
Position Id : 4411
Have a Job? Post it

Similar Positions

Application Security Analyst
  • Integrated Systems, Inc.
  • Washington, D.c., DC
Senior Cyber Security Engineer
  • Take2 Consulting
  • Washington D.c., DC
Lead Application Security Engineer
  • The Consortium Inc
  • Rockville, MD
Senior Cyber Security Analyst
  • Bering Straits Native Corporation
  • Washington, DC
Information Security Engineer
  • Federal Bureau of Investigation (FBI)
  • Washington D.c., DC
Penetration Tester/Application Security Tester
  • U.S. Tech Solutions Inc.
  • Falls Church, Virginia
Security Engineer - Penetration Tester
  • Softworld, Inc.
  • Garrett Park, MD
Penetration Tester - Partial Remote
  • Meridian Technologies, Inc.
  • Reston, VA
Senior Cyber Security (SOC) Analyst
  • ConsultUSA
  • Ashburn, VA
Security Engineer (Vulnerability Management)
  • ALTEK Information Technology, Inc
  • Washington D.c., DC
Java Security Engineer
  • CompuGain Corporation
  • Rockville, MD
Cleared Cyber Security Engineer
  • Computer Merchant, Ltd., The
  • Fairfax, VA
Security Manager (Response and Analysis)
  • StevenDouglas
  • Herndon, VA
Senior Security Engineer
  • Robert Half Technology
  • Washington, D.c., DC