Penetration Tester

G

Gray Tier Technologies

Penetration Tester

Springfield, VA
Full Time
Paid
  • Responsibilities

    Gray Tier Technologies is seeking a Web App Penetration Tester to support our DHS customer based out of Springfield Virginia.

    Primary Responsibilities:

    • Knowledge of penetration testing best practices and tool usage.
    • Experience conducting penetration testing in the following disciplines:
      • Web Application testing
      • Network Penetration testing
      • API and serverless penetration testing
      • Cloud based penetration testing (one of the three):
        • AWS
        • Microsoft Azure
        • Google Cloud Platform (GCP)
    • Capable of working within guidance to safely support penetration testing operations as part of a managed team.
    • Detailed knowledge of web application and network based penetration testing security tools.
    • Provide expert level guidance to the customer regarding penetration testing and vulnerability assessment industry best practices.

    Qualifications:

    • Bachelors' degree from an accredited college in a related discipline, or equivalent experience/combined education, with 8+ years of professional experience; or 6+ years of professional experience with a Masters' degree.
    • In addition to specific security clearance requirements all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
    • 2 years in Pen Testing and Vulnerability Assessment
    • 2-3 years of professional experience in incident detection and response, malware analysis, or cyber forensics.
    • Experience with any three of the seven tools listed below:
      • Kali Linux
      • Metaspoilt
      • Burp suite
      • Cobalt Strike
      • Tenable Nessus
      • Web Inspect
      • Scuba
      • App detective
      • PACU
      • AWS CLI
      • Scout Suite
    • Active Top Secret clearance with SCI eligibility

    Preferred Qualifications:

    • Prior DHS IT security and/or audit experience preferred.

    • Prior System Administrator experience a plus.

    • Previous IT experience is preferred, specifically 7 years of professional experience in a Computer Science discipline is ideal.

    • Penetration testing experience with Kubernetes and or Docker

    • Mobile Application penetration testing experience

    • Wireless penetration testing experience

    • DHS Risk and Vulnerability Assessment (RVA) Operator certified

    CLEARANCE REQUIRED :
    • Must be have a current Public Trust or Secret clearance. Top Secret/SCI clearance preferred.

    • Must be able to obtain and maintain an DHS Entry on Duty (EOD) clearance