Pentester III
About The Position
At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared purpose to pursue the limitless potential of technology and ingenuity for clients across defense, national security, public safety, civilian, and military health organizations. Join Accenture Federal Services, a technology company and part of global Accenture, to do work that matters in a collaborative and caring community, where you feel like you belong and are empowered to grow, learn and thrive through hands-on experience, certifications, industry training and more. Join us to drive positive, lasting change that moves missions and the government forward! We are: Accenture Federal Services, bringing together commercial innovation with the latest technology to unleash the potential for our federal clients. Every day we bring bold thinking and diverse disciplines to solve problems in new ways. Ready to learn as much as you can We’ll give you numerous opportunities from informal training sessions to courses and certifications to keep your tech smarts sharp. You are: Candidates must possess demonstrated experience planning and conducting penetration tests against networks and web applications. Solid understanding of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, covert channels, and data exfiltration. Perform infrastructure penetration testing to discover and exploit vulnerabilities to test the effectiveness of the organization’s security posture. Perform web application penetration testing to identify and exploit OWASP Top 10 web application vulnerabilities. Leverage threat intelligence to emulate known threat actors’ tactics, techniques, and procedures. Expertise with tools such as Bloodhound, Burp Suite, Cobalt Strike, Metasploit, and Mimikatz. Develop process automation and penetration testing scripts. Partner with various cybersecurity teams to improve automation and detection of threat actors. Engage with technical and non-technical audiences to articulate both techniques and results.
Requirements
- Bachelor’s Degree
- At least five (5) years of pen test experience
- Knowledge of red, blue, and purple team assessments
- Experience with OSSTMM, OWASP, NIST, PTES, ISSAF methodologies
- Experience with a variety of toolsets for gathering information and conduct comprehensive penetration tests
- Must have at least a CEH, PenTest+, or GPEN certification in addition to one of the following certifications: GXPN, OSCP, CRTOP, CMWAPT, CEPT, CPT, LPT or other similar certifications as approved by the Government (e.g., C|PENT)
- US Citizen
Responsibilities
- Perform infrastructure penetration testing to discover and exploit vulnerabilities to test the effectiveness of the organization’s security posture.
- Perform web application penetration testing to identify and exploit OWASP Top 10 web application vulnerabilities.
- Leverage threat intelligence to emulate known threat actors’ tactics, techniques, and procedures.
- Develop process automation and penetration testing scripts.
- Partner with various cybersecurity teams to improve automation and detection of threat actors.
- Engage with technical and non-technical audiences to articulate both techniques and results.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
