Penetration Tester
1 month ago
CSI is looking for a Penetration Tester to join our team on an upcoming Security and Privacy Assessment project in the non-profit telecommunications industry. The Pen Tester will complement risk assessments as ongoing defense against technical security threats of weakness exploitation for the same systems.
This role is hybrid remote with some in-person support required at the customer's location in Washington, DC.
Responsibilities Include:
- Penetration Testing:
- Conduct annual penetration testing of IT Systems.
- Ad hoc penetration testing as assigned for targeted applications, subsystems, or in response to emerging threats.
- Penetration testing for ATO-oriented assessments and ISPCM-oriented assessments.
- Conduct additional penetration tests as requested to accommodate schedules or ongoing authorization status for an authorized system, as required.
- Vulnerability Assessment:
- Analyze and assess potential security risks and vulnerabilities.
- Conduct vulnerability scans and risk assessments on a variety of platforms.
- Reporting and Documentation:
- Document and report findings with clear and actionable recommendations.
- Prepare detailed penetration testing reports and executive summaries.
- Security Recommendations:
- Provide expert guidance on remediation strategies to mitigate identified vulnerabilities.
- Collaborate with IT and development teams to implement security improvements.
- Security Research:
- Stay updated with the latest security trends, threats, and technology developments.
- Research new attack vectors and develop new testing methodologies.
- Compliance and Best Practices:
- Ensure compliance with industry standards and regulations (e.g., PCI-DSS, GDPR, HIPAA).
- Advocate for security best practices across the organization.
- Perform testing for OWASP Top Ten
- Training and Mentorship:
- Mentor junior penetration testers and provide training to staff on security awareness.
- Conduct workshops and training sessions to promote security knowledge.
Required Skills, Qualifications, and Experience:
- Certifications:
- Must have and maintain at least one of the following current certifications: GIAC Penetration Tester ("GPEN"), Certified Ethical Hacker ("CEH"), CompTIA PenTest+, or Licensed Penetration Tester Master ("LPT").
- Experience:
- Minimum of 5 years of professional experience in penetration testing and ethical hacking.
- Proven track record of conducting successful penetration tests.
- Technical Skills:
- Proficiency in using penetration testing tools (e.g., Burp Suite, Metasploit, Nmap).
- Strong understanding of network protocols, operating systems, and web application security.
- Experience with scripting languages (e.g., Python, Bash) for automation of tasks.
- Knowledge of various security frameworks and standards (e.g., OWASP, NIST).
- Soft Skills:
- Excellent problem-solving skills and analytical thinking.
- Strong communication skills, both written and verbal.
- Ability to work independently and as part of a team.
Preferred Qualifications:
- Experience in a similar role within a large enterprise or consulting environment.
- Familiarity with cloud security testing (e.g., AWS, Azure).
- Experience with mobile application security testing.
- Advanced knowledge of social engineering techniques.
- Experience developing Penetration Testing documents, such as scoping documents, ROE and reports.
- Proficiency in Python programming.
- Experience in leading internal and external pen tests.
- Experience in all phases of the Penetration Testing Process.
- Experience with numerous pen testing tools (Nmap, Burp, curl, wget, Nessus, Nikto, SQLMAP etc.).
- Experience with database scanning tools.
- Experience with web application scanning tools.
- Experience with phishing tools.
- The ability to write compelling documentation.
Cyber Security Innovations (CSI) is an equal opportunity employer committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. As a veteran-friendly employer, we encourage military veterans to apply.
This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. CSI makes hiring decisions based solely on qualifications, merit, and business needs at the time.
CSI participates in the E-Verify Employment Verification Program.
Job Posted by ApplicantPro
We have other current jobs related to this field that you can find below
-
Penetration Tester
2 months ago
Washington, United States Graham Technologies Full timeJob DescriptionJob DescriptionJob Overview:Graham Technologies (GTECH) is seeking a Penetration Tester whose primary duties will be providing penetration tests to find, exploit, and report technical risks and recommending steps to remove, mitigate, or avoid each discovered technical risk and weakness.You will be happy to know that this is a hybrid position....
-
Penetration Tester
4 weeks ago
Washington, United States Graham Technologies Full timeJob Overview: Graham Technologies (GTECH) is seeking a Penetration Tester whose primary duties will be providing penetration tests to find, exploit, and report technical risks and recommending steps to remove, mitigate, or avoid each discovered technical risk and weakness. You will be happy to know that this is a hybrid position. The work location is...
-
Penetration Tester Lead
2 months ago
Washington, United States Graham Technologies Full timeJob DescriptionJob DescriptionJob Overview:Graham Technologies (GTECH) is seeking a Penetration Tester Lead whose primary duties include coordinating, planning, executing, and reporting on all penetration tests. You will be happy to know that this is a hybrid position. The work location is Washington, DC. Responsibilities:Coordinate Contractor resources as a...
-
Sr. Penetration Tester
2 months ago
Washington, United States NetSecurity Corporation Full timeJob DescriptionJob DescriptionTHE OPPORTUNITY:NetSecurity Corporation, a leader in endpoint threat protection, vulnerability detection, and forensics investigations, seeks a full-time Senior Penetration Tester to support our five-year contract with US Treasury (www.bep.gov). In this role, you’ll be responsible for executing penetration testing and hacking...
-
Penetration Tester II
3 days ago
Washington, United States ClearFocus Technologies Full timeClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA.We specialize in cybersecurity and support multiple government and commercial clients for a variety of missions. We value our clients, integrity and employees and believe a single person can make a difference! We are committed to attracting and retaining the best and brightest...
-
Penetration Tester
3 days ago
Washington, United States Fusion Technology Full timePenetration Tester Who are you? Trusted Employee: The Government trusts you and so do we. You possess an active Public Trust security clearance (Or are able to obtain a Public Trust clearance). You must also be able to obtain Department of Homeland Security (DHS) suitability. U.S. citizenship is a requirement for this position. Knowledgeable: You are a...
-
Penetration Tester
2 months ago
Washington, United States Fusion Technology Full timePenetration Tester Who are you? Trusted Employee: The Government trusts you and so do we. You possess an active Public Trust security clearance (Or are able to obtain a Public Trust clearance). You must also be able to obtain Department of Homeland Security (DHS) suitability. U.S. citizenship is a requirement for this position. Knowledgeable: You are a...
-
Penetration Tester
2 months ago
Washington, United States Fusion Technology Full timePenetration Tester Who are you? Trusted Employee: The Government trusts you and so do we. You possess an active Public Trust security clearance (Or are able to obtain a Public Trust clearance). You must also be able to obtain Department of Homeland Security (DHS) suitability. U.S. citizenship is a requirement for this position. Knowledgeable: You are a...
-
Penetration Tester
1 week ago
Washington, United States Fusion Technology LLC Full timeJob DescriptionJob DescriptionPenetration Tester Who are you?Trusted Employee: The Government trusts you and so do we. You possess an active Public Trust security clearance (Or are able to obtain a Public Trust clearance). You must also be able to obtain Department of Homeland Security (DHS) suitability.U.S. citizenship is a requirement for this position....
-
Penetration Tester
4 weeks ago
Washington, United States Fusion Technology LLC Full timeJob DescriptionJob DescriptionPenetration Tester Who are you?Trusted Employee: The Government trusts you and so do we. You possess an active Public Trust security clearance (Or are able to obtain a Public Trust clearance). You must also be able to obtain Department of Homeland Security (DHS) suitability.U.S. citizenship is a requirement for this position....
-
Penetration Tester
2 months ago
Washington, United States Fusion Technology LLC Full timeJob DescriptionJob DescriptionPenetration Tester Who are you?Trusted Employee: The Government trusts you and so do we. You possess an active Public Trust security clearance (Or are able to obtain a Public Trust clearance). You must also be able to obtain Department of Homeland Security (DHS) suitability.U.S. citizenship is a requirement for this position....
-
Penetration Tester
5 days ago
Washington, Washington, D.C., United States IBM Full timeYour Role and ResponsibilitiesAs a Senior Penetration Tester you will be supporting the mission of a progressive Federal agency. You will perform vulnerability assessments and penetration testing following the customer's prescribed scope to target, assess, and exploit risk and vulnerabilities of information systems and inform strategic decisions. The...
-
Penetration Tester
6 days ago
Washington, United States IBM Full timeYour Role and Responsibilities As a Senior Penetration Tester you will be supporting the mission of a progressive Federal agency. You will perform vulnerability assessments and penetration testing following the customer's prescribed scope to target, assess, and exploit risk and vulnerabilities of information systems and inform strategic decisions. The...
-
Junior Penetration Tester
2 months ago
Washington, United States Gunnison Consulting Group Inc Full timeJob DescriptionJob DescriptionDuties and responsibilities:Conduct security testing of IT assets, web applications, infrastructure assets and technologies, mobile applications, custom developed software implementations, virtual technologies, COTS products, cloud implementations, common application platforms, and other technologies connecting to or interacting...
-
Penetration Tester w/ TS/SCI
1 month ago
Washington, United States eGlobalTech Full timeAbout the RoleEGlobalTech, a Tetra Tech Company, is looking for a Penetration Tester and SME to join our Cyber Solutions Practice in Arlington, VA and provide on-site support a federal customer located in Washington, DC. Qualified candidates should have experience in software assurance, penetration testing with a range of automated tools, security patch...
-
Penetration Tester w/ TS/SCI
3 weeks ago
Washington, United States eGlobalTech Full timeAbout the RoleEGlobalTech, a Tetra Tech Company, is looking for a Penetration Tester and SME to join our Cyber Solutions Practice in Arlington, VA and provide on-site support a federal customer located in Washington, DC. Increase your chances of an interview by reading the following overview of this role before making an application. Qualified candidates...
-
Penetration Tester, Mid Level
2 months ago
Washington, United States Gunnison Consulting Group Inc Full timeJob DescriptionJob DescriptionWork Location: Hybrid/Washington, DC.We are seeking a motivated and customer-oriented cybersecurity professional to support our Department of State client. The candidate will support FISMA compliance.Duties and responsibilities include:Design and implement a penetration testing strategy aligned with government security...
-
Penetration Tester, Mid Level
4 weeks ago
Washington, United States Gunnison Consulting Group Inc Full timeWork Location: Hybrid/Washington, DC. We are seeking a motivated and customer-oriented cybersecurity professional to support our Department of State client. The candidate will support FISMA compliance. Duties and responsibilities include: Design and implement a penetration testing strategy aligned with government security frameworks (e.g., NIST 800-53, Risk...
-
Security RMF Pen Tester
4 hours ago
Washington, United States Hummingbirds Innovations Full timeJob DescriptionJob DescriptionThe ideal candidate has experience performing internal penetration testing, vulnerability assessments and manual exploitation of servers, web applications/services and databases to identify vulnerabilities, misconfigurations, and compliance issues. In addition, the candidate will have extensive experience in performing FISMA...
-
Lead Application Security Tester
2 weeks ago
Washington, United States Editech Staffing Full timeJob DescriptionJob DescriptionLead Application Security Tester / Source Code ReviewOnsite / Washington, DCOur client, established in 2016, is dedicated to redefining cybersecurity landscapes through unmatched innovation that has positioned them at the forefront of the industry, is looking for a talented Lead Application Security Tester to join their team in...
