Lead Penetration Tester
About The Position
A Lead Penetration Tester is needed to join a high performing agile team using the Scaled Agile Framework ﴾SAFe﴿ methodology on a large, complex program that provides system engineering, development, test, integration and operational support. The selected individual will work on a team of cyber Subject Matter Experts ﴾SMEs﴿ who are providing support to a large, complex technical program for preventing, identifying, containing and eradicating cyber threats to networks through monitoring, intrusion detection, and protective security services on information systems including local area networks/wide area networks ﴾LAN/WAN﴿, commercial Internet connections, public facing websites, security devices, servers and workstations. She/he will be responsible for the overall security of Enterprise‐wide information systems, and will collect, investigate, and report any suspected and confirmed security violations.
Requirements
- Must have experience with penetration testing tools.
- Must have experience in web development and programming languages such as Java, XML, Perl and HTML.
- Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc.
- Must have extensive experience performing IT security risk assessments.
- Must have experience performing web app and physical pentests.
- Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective.
- Must have experience with or strong familiarity of Kali.
- Must have experience with or strong familiarity of IPS/IDS solutions.
- Must have a strong understanding of the Cyber Kill Chain methodology.
- Must have experience applying Risk Management Framework.
- Must have experience with secure configurations of commonly used desktop and server operating systems.
- Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration.
- Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues.
Nice To Haves
- Bachelor's degree in a technical/information assurance field and at least 12 years of relevant experience.
- Certifications in one or more of the following areas strongly preferred: GIAC Web Applications Penetration Tester ﴾GWAPT﴿ GIAC Penetration Tester ﴾GPEN﴿ Certified Ethical Hacker ﴾CEH﴿ Certified Information Security Manager ﴾CISM﴿ Certified Web Application Defender ﴾GWEB﴿ Certified Information System Security Professional ﴾CISSP﴿
- Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti‐virus planning assistance, risk analysis, and incident response.
- Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation.
Benefits
- 10% Employer Contribution to 401K; Immediately Vested
- 5 Weeks Paid Time Off (PTO) up to 7 weeks
- Access to Premium Healthcare/Dental/Vision Available
- $2500+ Training
- Paid Referral
- Company Profit Sharing
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
1-10 employees
