Penetration Tester - CLEARANCE and POLYGRAPH REQUIRED

Penetration Tester - CLEARANCE and POLYGRAPH REQUIRED

Cyber Kill Chain methodology, Risk Management Framework, Burp Suite, Web Inspect, Appdetective, Python, Powershell, C, JavaScript, Java, XML, Perl and HTM

Due to federal contract requirements, United States citizenship and an active TS/SCI security clearance and polygraph are required for the position.

Required:

• Must be a US Citizen.
• Must have TS/SCI clearance w/ active polygraph (Polygraph must be within the last five (05) years).
• Must have at least twelve (12) years of relevant experience.
• Must have experience with penetration testing tools.
• Must have experience in web development and programming languages such as Java, XML, Perl and HTML.
• Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc.
• Must have extensive experience performing IT security risk assessments.
• Must have experience performing web app and physical pentests.
• Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective.
• Must have experience with or strong familiarity of Kali.
• Must have experience with or strong familiarity of IPS/IDS solutions.
• Must have a strong understanding of the Cyber Kill Chain methodology.
• Must have experience applying Risk Management Framework.
• Must have experience with secure configurations of commonly used desktop and server operating systems.
• Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration.
• Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues.

These Qualifications Would Be Nice to Have:

• Bachelor's degree in a technical/information assurance field.
• Certifications in one or more of the following areas strongly preferred:
• GIAC Web Applications Penetration Tester (GWAPT)
• GIAC Penetration Tester (GPEN)
• Certified Ethical Hacker (CEH)
• Certified Information Security Manager (CISM)
• Certified Web Application Defender (GWEB)
• Certified Information System Security Professional (CISSP)
• Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
• Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation.​

The benefits package:

• Affordable healthcare options with 80% employer paid premium PLUS a company-funded HSA
• Dental insurance with 100% employer paid premium
• Vision with 80% employer paid premium
• Employer paid Life insurance 100%
• Employer paid Short-term and Long-term disability 100%
• Annual training, continued education, and professional memberships reimbursement
• Unlimited access to Red Hat Enterprise Linux and AWS training and accreditation
• Annual reimbursement for technology i.e. phones, computers, printers, etc.
• 401(k) with company match up to 5% with 100% immediate vesting (after 90 days of employment)

The environment and perks:

• Professional development investment and paid time off for training
• Contract and work locations in Maryland, Virginia, Colorado, Texas, Utah, Florida and Hawaii.
• Team building events throughout the year such as Destination Family Events, Holiday Party, Monthly Get-Togethers
• Leadership Team engagement and mentorship
• Performance Recognition Program
• Complimentary branded apparel