Penetration Tester
Falls Church, VA

Job Description

We have an exciting opportunity for a Penetration Tester to join our team.

Key Responsibilities:

* Develop, plan, implement, communicate, coordinate and oversee penetration testing, application testing, and security assessments at application, system and enterprise level
* Develop Rules of Engagement, scoping documents and reports
* Oversee manual penetration tests and validation of vulnerability scan results
* Oversee/develop automation/scripts for replicating vulnerability validation and penetration tests
* Devises plans and scenarios for various types of penetration tests
* Documents vulnerabilities, relevant exploits, and remediations in final vulnerability assessment report
* Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities
* Contributes to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk
* Oversee the selections, installations, and configuration security testing platforms and tools or develop tools and procedures for penetration tests
* Oversee penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.)
* Performs off-hours work as necessary

Required Experience/Skills:

* Extensive experience (7+ years) in information security operations and/or related IT operational functions
* 3 years of penetration testing experience with 7 years' experience in Security Operations and/or related IT Operations functions
* Experience with web and mobile applications, databases, operating systems
* Experience in penetration testing large and complex enterprise networks
* Experience with utilizing penetration testing framework such as OWASP or Mitre Att&ck Framework.
* Experience with regulatory compliance, policy development, and policy enforcement
* Experience with FISMA / PCI-DSS compliance, ISO 27000 / NIST SP 800 Frameworks

Experience in the roles identified above

* 4+ years of network or system security
* Excellent communication and interpersonal skills
* Hands-on OS configuration/administration experience
* Programming experience with focus on penetration testing or process automation
* Experience with the following technologies:

o Kali Linux

o Metasploit

o Nmap

o Burp Suite

* One or more of the following certifications:

o CompTIA Security + CE

o CPTE - Certified Penetration Testing Engineer

o CEH - Certified Ethical Hacker

o Certified Information System Security Professional (CISSP)

* Candidate must be a US citizen

Desired Experience/Skills:

* Experience with cyber security development projects and programs for U.S. Government and/or commercial clients
* Experience with process development and deployment
* Experience with the following technologies:

o Nessus

o Tenable SecurityCenter

o HP Fortify

o IBM AppScan

o WebInspect

* Experience with three or more of the following:

o Security COTS integration

o Operating System Hardening

o Vulnerability Assessment testing

o Identification and Authentication schemes

o Public Key Infrastructure and Identity Management

o Cross Domain Solutions

o Reverse Engineering

o Security engineering

o Mobile Technologies

o Cloud Computing

* Excellent writing skills

Education: Must possess a minimum of a Bachelor's Degree in Computer Science, Information Technology or Information Security (Master's Degree preferred).

Benefits: Full-time employees (permanent or contract employees who are employed for a term greater than 6 months) are eligible for benefits including time-off benefits, such as vacations and holidays, and insurance and other plan benefits.

Location: Falls Church, VA

About Us:

Bay State Computers, Inc. is a professional services firm and a leading provider of Information Technology (IT) services and products to the U.S. Federal Government and Industry. Bay State brings together experienced IT professionals and the latest state-of-the-art technology tools, practices, and products to support projects and task order requirements for our customers. For more information about Bay State visit our website and connect with us on LinkedIn.

Bay State Computers, Inc. is an Equal Opportunity/Affirmative Action Employer. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, or any other characteristic protected by applicable law.