MakparMakpar is an award winning cybersecurity consultant specializing in IT modernization for the Federal government. We solve difficult problems with resolve.
Role Specific Duties:
- Perform network and application penetration tests to identify vulnerabilities and weaknesses in the infrastructure and applications.
- Simulate insider threats to test detection and response capabilities, ensuring the agency is prepared to handle internal security risks.
- Develop penetration test plans, rules of engagement, and reports to provide clear documentation of findings, recommendations, and actions taken.
- Conduct thorough penetration testing of high-priority systems, emulating threat-based attacks.
- Identify and analyze security vulnerabilities, paying special attention to systems handling sensitive and confidential information.
- Utilize DAST tools to perform web application vulnerability scans, enabling timely detection and remediation of security weaknesses.
- Collaborate with Applications Development teams to provision developers and integrate security tools into the CI/CD pipeline, facilitating automated developer verification of software vulnerabilities.
- Bachelor's degree in Computer Science, Information Security, or a related field (Master's preferred).
- Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or other relevant certifications preferred.
- Strong knowledge of cybersecurity principles, practices, and tools. Understanding of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, mitm, covert channels, secure tunneling and exfiltration techniques.
- A mastery of scripting and reading exploits written in various programming languages
- Execute advanced ethical hacking concepts.
- Proficiency with Python and Java and other programming languages.
- Proficiency in using tools such as Kali Linux and Windows OS, experience with both commercial and non-commercial post-exploitation frameworks, scripting and programming languages (e.g., PowerShell, Python, Go, Java), expertise in Active Directory and related analysis tools, knowledge of endpoint and network detection evasion techniques, and the ability to compile and modify open-source software for offensive and defensive cybersecurity purposes.
- Experience with DevSecOps practices and CI/CD pipelines.
- Excellent communication skills and the ability to work collaboratively with cross-functional teams.
- Strong problem-solving skills and attention to detail.
- Ability to obtain and maintain necessary security clearances.
- Candidates must be a US Citizen or a Legal Permanent Resident (Green Card status) for 3 years and be Federal Tax compliant.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Agile CEH CI/CD CISSP Cloud Computer Science DAST DevSecOps Ethical hacking Exploits Java Kali Linux Pentesting PowerShell Python Scripting Vulnerabilities Vulnerability scans Windows
More jobs like this
USA, MD, Annapolis Junction … USA, MD, Annapolis Junction (304 Sentinel Dr) … Full TimeSenior Senior-levelUSD 81K - 186K USD 81K+
Booz Allen Hamilton
Penetration Tester, LeadBurp Suite CEH Clearance Cobalt Strike GPEN Metasploit +10
401(k) matching Career development Equity Flex hours Flex vacation +4
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open SOC-related jobs
- Open GCP-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open Splunk-related jobs