Cyber Security - Senior Penetration Tester at Amtec Human Capital
Reston, VA 20190
About the Job
POSITION DESCRIPTION
Seeking a Penetration Tester to perform external network-level testing against company assets to include black-box testing with no prior knowledge of systems as well as white-box testing with complete knowledge of systems. The position is located in our Reston, VA office. Internal network-level testing will be performed on internal networks and systems. Application-level testing to involve analysis of application to identify vulnerabilities created through maintenance, configuration or architectural issues, using unauthenticated and authenticated perspectives. Extrusion testing will be done to determine how easily sensitive information can be pushed from the inside out testing DLP systems, proxies, and security monitoring.
Assigned tasks may include:
Must have a familiarity with vulnerability management tools such as but not limited to Qualys, McAfee Vulnerability Manager, WebInspect and Nessus. And more importantly, have the ability to understand and articulate scan results.
Required Skills and Education
· Able to obtain a Secret clearance
· OSCP or GPEN
· Strong ethics and understanding of ethics in business and information security
· English language written communication skills
Seeking a Penetration Tester to perform external network-level testing against company assets to include black-box testing with no prior knowledge of systems as well as white-box testing with complete knowledge of systems. The position is located in our Reston, VA office. Internal network-level testing will be performed on internal networks and systems. Application-level testing to involve analysis of application to identify vulnerabilities created through maintenance, configuration or architectural issues, using unauthenticated and authenticated perspectives. Extrusion testing will be done to determine how easily sensitive information can be pushed from the inside out testing DLP systems, proxies, and security monitoring.
Assigned tasks may include:
- Performing network-based security assessments
- performing security assessments on Internet-facing applications
- Performing security assessments on software applications
- Performing penetration tests across public networks
- Performing penetration tests across internal networks
- Performing assessments of physical security using social engineering
- Developing testing scripts and procedures
- Other security-related projects that may be assigned according to skills.
Must have a familiarity with vulnerability management tools such as but not limited to Qualys, McAfee Vulnerability Manager, WebInspect and Nessus. And more importantly, have the ability to understand and articulate scan results.
Required Skills and Education
· Able to obtain a Secret clearance
· OSCP or GPEN
· Strong ethics and understanding of ethics in business and information security
· English language written communication skills
