Penetration Tester

Positions Available: 4 - FUOPS COAB (Penetration Testers & Assessors)

Remote Capability: TBD

Clearance Requirement: Top Secret/SCI, Active

Avint is seeking an experienced Penetration Tester to support a Federal Agency contingent award starting June 2022. This position will perform computer network evaluations to include penetration security assessments in a cybersecurity environment and assist in fulfilling the Federal Agency’s mission to ensure security measures and safeguards are in place to thwart threat attacks and prevent unauthorized access.

Requirements

• Plan, communicate, coordinate and perform penetration tests and security assessments at application, system and enterprise levels.

• Simulate tactics, techniques, and procedures used by advanced cyber threat actors.

• Assist with reconnaissance, threat modeling, vulnerability identification, authorized exploitation, and post-exploitation cleanup.

• Develops automation/scripts for replicating vulnerability validation and penetration tests.

• Documents targets, test plan, scenarios tested, findings, test evidence and recommendations in penetration test report.

• Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities.

• Coordinate projects and initiatives within the Vulnerability Management Team.

• Utilize automated and manual testing methods to validate vulnerability testing methods.

• Proactive interest in emerging technologies and techniques related to penetration testing.

Technical Areas of Expertise

• Experience in penetration testing enterprise networks using standard penetration tools such as Metasploit, Nmap, Nessus, Burp Suite, Cobalt Strike, etc.)
• Experience with utilizing penetration testing methodologies.
• Experience with applications, databases, operating systems and network devices.
• Understanding of threat attacks, exploitation and data exfiltration.
• Perform IT security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities.

• Experience with SIEM technologies (such as NetWitness, Splunk).

• Experience with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes.

• RMF Framework and Cybersecurity Framework.

• Knowledge and skill in the use of penetration testing principles, tools, and techniques.

• Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.

• Skill in using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.).

• Skill in conducting application vulnerability assessments.

Qualifications

• Bachelor’s degree in a related field or technical discipline, or 5-8 years of equivalent work experience in similar roles within the DoD or Federal Government, demonstrating ability working in Vulnerability/Penetration Testing or a related Cyber Security role.
• Security +, or another relevant IAT Level II Certification; IAT Level III: CISA or CISSP required for 2 out of the 4 open positions.

• Malware analysis or digital computer forensics experience is a plus.

Benefits

Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, a unique 401K plan, and generous PTO and Federal Holidays.

Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!

Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.