Penetration Tester
Alexandria, Virginia, United States
Positions Available: 4 - FUOPS COAB (Penetration Testers & Assessors)
Remote Capability: 4 Days On-Site in Alexandria, VA, 1 Day Remote Capability
Clearance Requirement: Top Secret/SCI, Active
Avint is seeking an experienced Penetration Tester to support a Federal Agency contingent award starting mid to late Summer 2022. This position will perform computer network evaluations to include penetration security assessments in a cybersecurity environment and assist in fulfilling the Federal Agency’s mission to ensure security measures and safeguards are in place to thwart threat attacks and prevent unauthorized access.
Requirements
- Plan, communicate, coordinate and perform penetration tests and security assessments at application, system and enterprise levels.
- Simulate tactics, techniques, and procedures used by advanced cyber threat actors.
- Assist with reconnaissance, threat modeling, vulnerability identification, authorized exploitation, and post-exploitation cleanup.
- Develops automation/scripts for replicating vulnerability validation and penetration tests.
- Documents targets, test plan, scenarios tested, findings, test evidence and recommendations in penetration test report.
- Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities.
- Coordinate projects and initiatives within the Vulnerability Management Team.
- Utilize automated and manual testing methods to validate vulnerability testing methods.
- Proactive interest in emerging technologies and techniques related to penetration testing.
Technical Areas of Expertise
- Experience in penetration testing enterprise networks using standard penetration tools such as Metasploit, Nmap, Nessus, Burp Suite, Cobalt Strike, etc.)
- Experience with utilizing penetration testing methodologies.
- Experience with applications, databases, operating systems and network devices.
- Understanding of threat attacks, exploitation and data exfiltration.
- Perform IT security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities.
- Experience with SIEM technologies (such as NetWitness, Splunk).
- Experience with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes.
- RMF Framework and Cybersecurity Framework.
- Knowledge and skill in the use of penetration testing principles, tools, and techniques.
- Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Skill in using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.).
- Skill in conducting application vulnerability assessments.
Qualifications
- Bachelor’s degree in a related field or technical discipline, or 5-8 years of equivalent work experience in similar roles within the DoD or Federal Government, demonstrating ability working in Vulnerability/Penetration Testing or a related Cyber Security role.
- Security +, or another relevant IAT Level II Certification or be willing to obtain within 6 months of employment; IAT Level III: CISA or CISSP required for 2 out of the 4 open positions or be willing to obtain within 6 months of employment.
- Malware analysis or digital computer forensics experience is a plus.
Benefits
Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, a unique 401K plan, and generous PTO and Federal Holidays.
Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!
Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Burp Suite CISA CISSP Clearance Cobalt Strike DoD Exploits Forensics Malware Metasploit Nessus Nmap Pentesting Security assessment SIEM SMTP Splunk Top Secret TS/SCI Vulnerabilities Vulnerability management Vulnerability scans
Perks/benefits: 401(k) matching Career development Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs