The Senior Penetration Tester provides Penetration Testing and Vulnerability Analysis support to a cabinet level federal agency. They contribute to a team of information assurance professionals working to improve technical security posture.
- Execution of pen testing and vulnerability analysis on web applications, network infrastructure, operating system infrastructures, and virtual environments. Briefing executive summaries and findings to stakeholders.
- Creating unique exploit code, bypassing AV, and mimicking adversarial threats.
- Assist in performing analysis and mitigation of security vulnerabilities with personnel throughout the globe.
- Writing deliverable test reports.
- Maintaining proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities.
- Mentoring junior and middle level staff members.
- Must possess five (5) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging technologies.
- The candidate must have hands-on experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices and threat modeling.
- Be a self-starter with keen analytical skills, curiosity, agility, and adaptability.
- The ability to work quickly, willingness to work on ad hoc assignments, work independently as needed, strong written and verbal communication skills, and recognizing the importance of being a team player.
- In addition the candidate must possess the following skill set:
- Able to conduct Penetration Tests and Vulnerability Analysis using Automated and Manual TTPs.
- Have an understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
- Must be able to use at least two of the following proficiently and instruct others on them: Nessus, Burp Suite, Metasploit, Framework/Pro, and the Social Engineering Toolkit.
- Must have solid working experience and knowledge of Windows and Unix/Linux operating system
- Firm understanding of network and system architecture and analysis. Fundamentals of network routing & switching, assessing network device configurations, and operating systems (Windows/*nix)
- Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming
- Strong familiarity with at least one of the following: OWASP top 10, PTES and NSA Vulnerability and Penetration Testing Standards
- Must be able to work alone or in a small group.
- Master’s degree in Computer Science, Information Systems, Engineering, Telecommunications, or similar field
- Certifications preferred but not required:
- OSCP, GPEN, GWAPT, CEH, or other penetration testing certificates
- Minimum Interim Secret required to start
- Must be eligible for TS SCI
Novetta, from complexity to clarity.
Novetta delivers highly scalable advanced analytics and secure technology solutions to address challenges of national and global significance. Focused on mission success, Novetta pioneers disruptive technologies in machine learning, data analytics, full-spectrum cyber, cloud engineering, open source analytics, and multi-INT fusion for Defense, Intelligence Community, and Federal Law Enforcement customers. Novetta is headquartered in McLean, VA with over 1,300 employees across the U.S.
Our culture is shaped by a commitment to our core values:
Integrity • We hold ourselves accountable to the highest standards of integrity and ethics.
Customer Success • We strive daily to exceed expectations and achieve customer mission success.
Employee Focus • We invest in our employees’ professional development and training, respecting individuality, and fostering a culture of diversity and inclusion.
Innovation • We know that discovering new and innovative ways to solve problems is critical to our success and makes us a great company.
Excellence in Execution • We take pride in flawless execution as we build a company that is best in class.
Earn a REFERRAL BONUS for the qualified people you know.
For more details or to submit a referral, visit bit.ly/NovettaReferrals.
Novetta is an equal opportunity/affirmative action employer.
All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.