The Penetration Tester applies knowledge and experience of vulnerability assessment and penetration testing tools and techniques to execute security testing to support the assessment of commercial and Federal customer networks and systems.
- Configure, run, and monitor automated security testing tools.
- Perform manual penetration testing of client systems, web sites, and networks to identify and exploit vulnerabilities.
- Use comprehensive knowledge of techniques, tools, and standards to build test plans and methodologies.
- Conduct Security Testing and Evaluation to measure effectiveness of client Service Provider’s security control environment.
- Perform manual validation of vulnerabilities
- Compile, draft, review, develop, and deliver input for reports on all aspects relevant to information security activities, processes, and associated documentation.
- Apply knowledge of industry standard software and hardware tools to recommend solutions to meet customer vulnerability assessment and penetration testing.
- Expertise in planning, organizing, and prioritizing work, meeting deadlines, managing multiple tasks and working independently.
- Travel to customer sites required, up to 10%.
- Bachelors Degree in Computer Science, Information Systems, Engineering, or related scientific or technical discipline.
- Possess one or more certifications including, CEH, CISSP, OSCP, GPEN, OSCE, OSCP
- 3+ years of hands-on vulnerability assessment and penetration testing experience
- Detailed knowledge applying vulnerability assessment and penetration best practices, techniques, and tools
- Experience with the following technologies:
- Security testing tools including Metasploit, Nmap, Nessus, Burp Suite, or equivalents
- Security testing of mobile applications, wireless technologies, and web applications
- Social engineering