Penetration Tester
Herndon, VA
Full Time
Experienced
BT-56 – Penetration Tester
Location: Herndon
**MUST HAVE A POLY CLEARANCE TO APPLY**
Job Description
The team provides a highly technical and in-depth penetration testing service, in support of enterprise cyber security equities. The team requires support specializing in penetration testing and ethical hacking, to target, assess, and exploit risk and vulnerabilities of information systems. The intent is to provide senior decision makers with documented and actionable data to aid in making strategic investment decisions. The team will document all identified system risks, planned test procedures, and results; perform analyses of vulnerabilities identified during testing; and review program-level documentation (e.g., requirements specification, system architecture, design documents, test plans, security plans, etc.). They will recommend changes to program-level documentation with an eye to reducing system vulnerabilities, create and document penetration testing plans and procedures, and approved testing plans and procedures to conduct hands-on penetration testing. The team will also analyze test results, document risks, and recommend countermeasures to uncovered risks; participate or lead technical exchange meetings and application review boards; document action items and results from technical exchange meetings and application review boards; and brief management on the status of action items and results of activities.
Technologies/Tools
Location: Herndon
**MUST HAVE A POLY CLEARANCE TO APPLY**
Job Description
The team provides a highly technical and in-depth penetration testing service, in support of enterprise cyber security equities. The team requires support specializing in penetration testing and ethical hacking, to target, assess, and exploit risk and vulnerabilities of information systems. The intent is to provide senior decision makers with documented and actionable data to aid in making strategic investment decisions. The team will document all identified system risks, planned test procedures, and results; perform analyses of vulnerabilities identified during testing; and review program-level documentation (e.g., requirements specification, system architecture, design documents, test plans, security plans, etc.). They will recommend changes to program-level documentation with an eye to reducing system vulnerabilities, create and document penetration testing plans and procedures, and approved testing plans and procedures to conduct hands-on penetration testing. The team will also analyze test results, document risks, and recommend countermeasures to uncovered risks; participate or lead technical exchange meetings and application review boards; document action items and results from technical exchange meetings and application review boards; and brief management on the status of action items and results of activities.
Technologies/Tools
- (Mandatory) Demonstrated work experience in cyber security or related IT field
- (Mandatory) Demonstrated experience with cyber penetration testing
- (Mandatory) Demonstrated experience applying computer attack methods and system exploitation techniques
- (Mandatory) Demonstrated working knowledge of cyber security principles for Linux, Windows, and virtual platforms
- (Mandatory) Demonstrated experience designing, testing, or implementing IT security architecture
- (Mandatory) Demonstrated experience performing network security analysis
- (Mandatory) Demonstrated experience analyzing network architectures
- (Mandatory) Demonstrated experience using network management tools
- (Mandatory) Demonstrated experience leveraging adversarial tactics to conduct hands-on security testing
- (Mandatory) Demonstrated experience developing risk management methodologies
- (Mandatory) Demonstrated experience analyzing test results to develop risk and threat mitigation plans
- (Mandatory) Demonstrated experience testing or reviewing system configuration, development, and design specifically around enterprise systems and hypervisors
- (Mandatory) Demonstrated experience designing, testing, or implementing complex Windows installations
- (Desired) Demonstrated experience participating in public and private information security groups and organizations
- (Desired) Demonstrated experience communicating vulnerability results and risk posture to senior executives
- (Desired) Demonstrated experience researching, evaluating, and developing security policies and guidance
- (Desired) Demonstrated experience performing complex technical tasks with minimal direction
- (Desired) A Bachelor's degree in Computer Science, Information Systems, Engineering, or other related scientific or technical discipline
Apply for this position
Required*