Application Security Tester
Falls Church, VA

Job Description

We have an exciting opportunity for an Application Security Tester to join our team. As a trusted Application Security Tester, you will plan, communicate, coordinate and conduct penetration tests and security assessments for applications, systems and enterprise networks.

Key Responsibilities:

* Plan, communicate, coordinate and perform penetration testing, application testing, and security assessments at application, system and enterprise level
* Develop Rules of Engagement, scoping documents and reports
* Perform manual penetration tests and validation of vulnerability scan results
* Develops automation/scripts for replicating vulnerability validation and penetration tests
* Devises plans and scenarios for various types of penetration tests
* Documents vulnerabilities, relevant exploits, and remediations in final vulnerability assessment report
* Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities
* Contribute to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk
* Select, install, and configure security testing platforms and tools or develop tools and procedures for penetration tests
* Perform penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.)
* Perform off-hours work as necessary

Required Experience/Skills:

* 3-5 years of penetration testing experience
* Experience with web and mobile applications, databases, operating systems
* Experience in penetration testing large and complex enterprise networks
* Experience with utilizing penetration testing framework such as OWASP or Mitre Att&ck Framework.
* Experience with regulatory compliance, policy development, and policy enforcement
* Experience with FISMA / PCI-DSS compliance, ISO 27000 / NIST SP 800 Frameworks
* Experience in the roles identified above
* 4+ years of network or system security
* Excellent communication and interpersonal skills
* Hands-on OS configuration/administration experience
* Programming experience with focus on penetration testing or process automation
* Experience with the following technologies:

o Kali Linux

o Metasploit

o Nmap

o Burp Suite

* Candidate must be a US citizen

Desired Experience/Skills:

* Experience with cyber security development projects and programs for U.S. Government and/or commercial clients
* Experience with process development and deployment
* Experience with the following technologies:

o Nessus

o Tenable SecurityCenter

o HP Fortify

o IBM AppScan

o WebInspect

* Experience with three or more of the following:

o Security COTS integration

o Operating System Hardening

o Vulnerability Assessment testing

o Identification and Authentication schemes

o Public Key Infrastructure and Identity Management

o Cross Domain Solutions

o Reverse Engineering

o Security engineering

o Mobile Technologies

o Cloud Computing

* Excellent writing skills
* One or more of the following certifications:

o OSCP

o CISSP

o SANS GCIH/GPEN/GWAPT

o CEH

Education: Bachelor's Degree in related field. Or in lieu of degree, equivalent experience in military, civil, or corporate areas will be considered.

Benefits: Full-time employees (permanent or contract employees who are employed for a term greater than 6 months) are eligible for benefits including time-off benefits, such as vacations and holidays, and insurance and other plan benefits.

Location: Falls Church, VA

About Us:

Bay State Computers, Inc. is a professional services firm and a leading provider of Information Technology (IT) services and products to the U.S. Federal Government and Industry. Bay State brings together experienced IT professionals and the latest state-of-the-art technology tools, practices, and products to support projects and task order requirements for our customers. For more information about Bay State visit our website and connect with us on LinkedIn.

Bay State Computers, Inc. is an Equal Opportunity/Affirmative Action Employer. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, or any other characteristic protected by applicable law.