Summit Technologies, Inc. has an open position for a Web Application and Database Vulnerability Scanner / Penetration Tester. In this position, you will perform web application and database scanning to identify and remediate identified vulnerabilities. You must be a US citizen or a permanent US resident as this is a government position requiring a Public Trust security clearance. This on-site position is located in Washington, DC.
- Perform web application(s) and database scanning services.
- Analyze and review application, system, and database security postures through active scanning, application-layer protocol, fingerprinting or traffic analysis.
- Prioritize mitigation actions based on assessed risk, upon discovery of critical exploits and vulnerabilities.
- Utilize a wide variety of tools such as Accunetix and AppDetective, to identify potentials risk(s) and work with the Development team to correct vulnerabilities.
- Ensure proper protection or corrective measures are taken when an incident or vulnerability is discovered.
- Respond to security incidents, investigate and report security violations and incidents.
- Research existing exploit code and/or develop proof-of-concept exploit code for test and evaluation of mitigation solutions.
- Develop and submit detailed reports of findings, analysis, and recommendations.
- Research new vulnerabilities, attacks, and exploits.
Experience & Skills:
- A total of five (5) years related information security experience.
- Two (2) years of experience in Web and Database applications, testing, tools and processes.
- Two (2) years of experience in vulnerability scanning and penetration testing.
- A solid understanding of IT Security concepts, to include vulnerability & patch management.
- Experience with Web and Database scanning (preferably using Accunetix and AppDetective).
- Experience as an Application Developer or Database Administrator is a plus.
- Experience working with Application Developers to mitigate security findings.
- Possess strong organizational and communication skills, to interface with clients.
- Must be able to work with team members and other groups, work with competing priorities, and possess strong customer focus.
Education & Certifications:
- Bachelor’s degree or 8 years of additional IT security related experience may be substituted.
- Must have one of the security certifications: CEH, CISSP GPEN, GWAPT, GXPN, GWEB, GSSP-JAVA, or GSSP-.NET
- All candidates for consideration must be eligible to obtain a Public Trust security clearance.
Summit Technologies Inc. appreciates your interest. We will contact the best prospects and will consider you for future opportunities. We will not submit your resume without your prior knowledge and consent. Summit Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, protected veteran status, or disability status.