Current jobs related to Penetration Tester - Springfield - Aerstone
-
Artificial Intelligence Machine Learning Lead
2 weeks ago
Springfield, Virginia, United States Leidos Full timeLeidos Artificial Intelligence Machine Learning LeadAt Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers' success. We empower our teams, contribute to our communities, and operate sustainably. Our Mission, Vision, and Values guide the way we do business.Job SummaryWe are seeking...
-
Artificial Intelligence Machine Learning Lead
2 weeks ago
Springfield, Virginia, United States Leidos Full timeJob Title: Artificial Intelligence Machine Learning LeadLeidos is seeking an experienced Artificial Intelligence Machine Learning (AI/ML) Lead to join our team. As the AI/ML Lead, you will be responsible for spearheading the exploration of cutting-edge AI frameworks, leading research on AI methodologies, and documenting the entire lifecycle of AI models.Key...
-
Artificial Intelligence Machine Learning Lead
2 weeks ago
Springfield, Virginia, United States Leidos Full timeJob Title: Artificial Intelligence Machine Learning LeadAt Leidos, we are seeking a highly skilled Artificial Intelligence Machine Learning Lead to join our team. As a key member of our Digital Modernization Sector, you will play a crucial role in developing and implementing cutting-edge AI/ML solutions that drive business success.Key Responsibilities:Lead...
-
Springfield, Virginia, United States Leidos Full timeJob SummaryLeidos is seeking an experienced Artificial Intelligence Machine Learning Lead to join our team. As the AI/ML Lead, you will spearhead the exploration of cutting-edge AI frameworks, lead research on AI methodologies, and document the entire lifecycle of AI models—from creation to deployment and operation—while addressing the risks and...
-
Artificial Intelligence Machine Learning Lead
2 weeks ago
Springfield, Virginia, United States Leidos Inc Full timeAI/ML Security LeadAt Leidos, we are seeking a highly skilled AI/ML Security Lead to spearhead the exploration of cutting-edge AI frameworks and methodologies. As a key member of our team, you will lead research into AI/ML frameworks, ensuring alignment with emerging trends and technologies. Your expertise in documenting AI/ML lifecycle processes,...
-
Springfield, Virginia, United States Leidos Full timeJob SummaryLeidos is seeking an experienced Artificial Intelligence Machine Learning Lead to spearhead the exploration of cutting-edge AI frameworks and lead research on AI methodologies. The successful candidate will document the entire lifecycle of AI models, from creation to deployment and operation, while addressing risks and vulnerabilities within each...
-
Springfield, Virginia, United States Leidos Full timeJob SummaryWe are seeking an experienced Artificial Intelligence Machine Learning (AI/ML) Lead to join our team at Leidos. As the AI/ML Lead, you will spearhead the exploration of cutting-edge AI frameworks, lead research on AI methodologies, and document the entire lifecycle of AI models—from creation to deployment and operation—while addressing the...
-
Vulnerability Assessment
4 weeks ago
Springfield, United States Department of Homeland Security Full timeThe Department of Homeland Security (DHS) is recruiting professionals to support a range of technical roles in Vulnerability Assessment, including Vulnerability Assessment Subject Matter Expert, Supply Chain Risk Management (SCRM) Assessor, Cyber Hygiene Assessor, Penetration Assessment Subject Matter Expert, and Penetration Tester. All positions are in the...
Penetration Tester
5 months ago
Welcome to Aerstone, a place where you get to share your skills and experience with a team of high performing security professionals and in turn, improve on your own capabilities. Working together in a collaborative environment helps our business grow, but more importantly, it will help you grow. At Aerstone, we foster greatness, we champion accountability, and we value kindness.
As a Penetration Tester, you will join our growing testing team and have the opportunity to support, and lead, technical testing and assessment activities including vulnerability scanning, configuration reviews, web application scanning, database scanning, observation or “over the shoulder” technical control interview sessions, cloud security benchmark scanning, and infrastructure as code (IaC) security analysis. You will have the chance to evaluate test results against compliance standards and conduct risk analyses of findings in order to generate detailed assessment reports to help our customers gain security assurance and secure their systems.
We at Aerstone are highly committed to creating a collaborative work environment where everyone contributes and gains from our collective experiences. It is our belief that creating a culture based on synergy and the coordinated optimization of individual strengths results in mutual benefit and growth.
If this is you, we welcome your interest to join us
Responsibilities:
- Support and lead testing of web applications and APIs for susceptibility to SQL injections, Cross-Site Scripting, and other input attacks
- Support and lead technical evaluation of cloud-based applications and systems, assessing secure configurations and settings of PaaS, SaaS, and IaaS environments. This may include use of automated cloud assessment tools or industry best practices.
- Support and lead technical assessments of network infrastructure, servers, endpoints, and databases.
- Perform pre-assessment research and preparation including reconnaissance, documentation and configuration review, and customer interviews.
- Conduct automated credentialed vulnerability scanning against databases using commercial and open-source scanning tools.
- Assess compliance posture against regulatory requirements mainly including NIST SP 800-53, and may include OWASP ASVS, and ISO 27001.
- Conduct reviews of system configurations for identification of security weaknesses or misconfigurations.
- Research known vulnerabilities and manually validate scanner finding.
- Document security weaknesses, including steps to reproduce.
- Analyze security findings, including risk analysis and root cause analysis.
- Research and propose practical remediation.
Years of Experience Required: 5+ years
Education Requirements: Bachelors Degree
Required Skills/Qualifications/Certifications:
- Strong knowledge and experience with Linux based operating systems and Linux based testing tools
- Experienced with common penetration testing tools and frameworks (Kali Linux, Metasploit, Burp Suite / ZAP, Nessus, etc.)
- Experienced with virtual machine platforms and remote testing solutions
- Experienced with cloud computing infrastructures and cloud assessment techniques and tools
- Experienced with NIST SP 800-53 controls and testing against these requirements
- Experienced with testing methodologies such as NIST SP 800-115, OSSTMM, or the OWASP Testing Guide.
- Reliable team player
- Independent / capable of working effectively and efficiently with minimal supervision
- Strong time management skills
- Highly organized and detail oriented
- Understanding of Internet (HTTP, FTP, etc.) and network (SMB, TCP/IP, etc.) protocols
- Working knowledge with both Windows and Unix operating systems
- Technologist mentality (follows, learns, and applies technology trends through self-initiation)
- Persistent and undeterred work ethic
Preferred Skills/Qualifications/Certifications:
- Able to properly install, configure, and run common open-source testing tools
- Experience with web languages including JavaScript, PHP, Java, Swift, and .NET
- Familiarity with Microsoft SQL Server and Oracle database concepts
- Familiarity with application DevOps concepts, tools, and technologies
- Scripting experience (Python, Bash, Ruby, PowerShell, Command Shell, etc.)
- Experience developing MetaSploit modules, Nessus plugins, and exploit automation
- Relevant certifications a plus (OSCP, OSCE, CISSP, GPEN, C|EH, Security+, Network+, etc.)
Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements.
Compensation:
At Aerstone, we value your time and wellbeing. Our benefit offerings include healthcare, retirement plan, flexible leave program, and training and certification assistance. See a little bit more about those benefits below:
- Health Care:
Aerstone pays for 100% of the costs of Carefirst medical and pharmacy up to each employee’s Annual Deductible.
We also offer excellent dental and vision plans through Concordia Dental and Superior Vision. Aerstone pays the premiums for employees. Aerstone also provides $50,000 in life insurance to each employee and pays the premiums for a long-term disability insurance policy.
- Retirement Plan:
Aerstone offers a 401(k) plan through Fidelity Investments with 10% profit sharing.
- Flexible Leave Program:
Aerstone has a flexible leave policy, which means that everyone is on their honor to put in an honest day’s work for an honest day’s pay. You take the time you need, when you need it.
- Training and Certification Assistance:
Aerstone recognizes that technical training is an important part of professional development, and extremely valuable to the company.
We have always been committed to budgeting funds for yearly employee training and encourage all employees to develop their own training plan.
Possible training includes keeping current on industry or technology changes and enhancements, learning new software tools and concepts, attending industry events, earning CPE credits as required to maintain existing certifications, and achieving new certifications
EEOC:
Equal Employment Opportunity has been, and will continue to be, a fundamental principle at Aerstone, where employment is based upon personal capabilities and qualifications without discrimination because of race, color, religion, sex, age, national origin, familial status, disability, veteran status, sexual orientation, health/genetic information, or any other protected characteristic as established by law.
In compliance with federal EEOC regulations, the selected employee will work on a cleared contract and therefore be required to hold U.S. citizenship.
