Penetration Tester
Sterling VA (and remote), United States
VOSAGO
Vosago specializes in IT Staffing, IT Federal Subcontracting, and Executive Recruiting.
Location: Remote and/or local to the Northern Virginia area
On-site visits: Occasional on-site meetings may be required at our Sterling Virginia office
Responsibilities:
Conduct complete penetration tests, report on results, and provide improvement recommendations
Ensure customer satisfaction through the delivery of high-quality consulting services across a portfolio of commercial and federal government projects
Ability to elicit and understand customer requirements and covert those requirements into a technical services solution
Ability to accurately estimate time and cost for each project
Foster an environment of continuous learning, innovation and excellence
Work closely with development teams, product managers, and customer success teams to ensure successful delivery of consulting services or product implementation projects and remove roadblocks
Develop, review and approve formal statements of work, change requests, and proposals
Formulate timely reports and documentation to track progress
Effectively collaborate with peers and company leadership to accomplish team, corporate and client objectives
Answer developer, designer, and content contributor questions about IT Security requirements.
Experience Requirements:
Minimum of 5 years of experience in penetration testing
Desired certifications – Security+, CEH, GPEN, OSCP, AWS, or equivalent
Understanding of OWASP Top 10 and “industry best practices” for penetration testing
Understanding of all aspects of Penetration Testing with an emphasis on white box testing, black box testing, internal networks, external networks, web applications, and application/code review
Understanding of Pen Test methods such as Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), Penetration Testing Execution Standard (PTES), FedRAMP Penetration Test Guide, NIST, etc.
Proficient with the command line interface of multiple operating systems – Windows, macOS, Linux, etc.
Solid understanding of manual scripting and scripting languages- ex. Python, Bash, PowerShell, C/C++, etc.
Proficient with using commercial and open source penetration testing tools – ex. Metasploit, Nikto, SQLMAP, Responder, Nessus, Netcat, Burp Suite, etc.
Conduct and document vulnerability scans and penetration testing on web-based applications and their underlying hosts
Proven ability to perform computer network vulnerability assessment and penetration testing
Understanding of risk planning and mitigation strategies
Ability to prepare and present documents and briefing materials
Advise on new threats to the technologies and environment and provide mitigation steps when applicable
Provide security guidance on design, deployment, and architecture of web-based and cloud hosted applications.
Participate in technical discussions and collaborate with team members
Exceptional communication skills - both orally and written
Strong customer service skills
Strong organizational and time-management skills with the ability to handle multiple tasks at once, while still paying attention to detail
A strong work ethic and self-starter attitude, with the ability to thrive in a fast-paced environment
Bachelor’s degree in a related field or equivalent work experience and advance
On-site visits: Occasional on-site meetings may be required at our Sterling Virginia office
Responsibilities:
Conduct complete penetration tests, report on results, and provide improvement recommendations
Ensure customer satisfaction through the delivery of high-quality consulting services across a portfolio of commercial and federal government projects
Ability to elicit and understand customer requirements and covert those requirements into a technical services solution
Ability to accurately estimate time and cost for each project
Foster an environment of continuous learning, innovation and excellence
Work closely with development teams, product managers, and customer success teams to ensure successful delivery of consulting services or product implementation projects and remove roadblocks
Develop, review and approve formal statements of work, change requests, and proposals
Formulate timely reports and documentation to track progress
Effectively collaborate with peers and company leadership to accomplish team, corporate and client objectives
Answer developer, designer, and content contributor questions about IT Security requirements.
Experience Requirements:
Minimum of 5 years of experience in penetration testing
Desired certifications – Security+, CEH, GPEN, OSCP, AWS, or equivalent
Understanding of OWASP Top 10 and “industry best practices” for penetration testing
Understanding of all aspects of Penetration Testing with an emphasis on white box testing, black box testing, internal networks, external networks, web applications, and application/code review
Understanding of Pen Test methods such as Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), Penetration Testing Execution Standard (PTES), FedRAMP Penetration Test Guide, NIST, etc.
Proficient with the command line interface of multiple operating systems – Windows, macOS, Linux, etc.
Solid understanding of manual scripting and scripting languages- ex. Python, Bash, PowerShell, C/C++, etc.
Proficient with using commercial and open source penetration testing tools – ex. Metasploit, Nikto, SQLMAP, Responder, Nessus, Netcat, Burp Suite, etc.
Conduct and document vulnerability scans and penetration testing on web-based applications and their underlying hosts
Proven ability to perform computer network vulnerability assessment and penetration testing
Understanding of risk planning and mitigation strategies
Ability to prepare and present documents and briefing materials
Advise on new threats to the technologies and environment and provide mitigation steps when applicable
Provide security guidance on design, deployment, and architecture of web-based and cloud hosted applications.
Participate in technical discussions and collaborate with team members
Exceptional communication skills - both orally and written
Strong customer service skills
Strong organizational and time-management skills with the ability to handle multiple tasks at once, while still paying attention to detail
A strong work ethic and self-starter attitude, with the ability to thrive in a fast-paced environment
Bachelor’s degree in a related field or equivalent work experience and advance
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
24
3
0
Category:
PenTesting Jobs
Tags: Application security AWS Bash Black box Burp Suite C CEH Cloud FedRAMP GPEN Linux MacOS Metasploit Nessus NIST Open Source OSCP OWASP Pentesting PowerShell Python Scripting Vulnerability scans White box Windows
Perks/benefits: Career development
Regions:
Remote/Anywhere
North America
Country:
United States
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Penetration Tester jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsSenior Cyber Security Engineer jobsInformation System Security Officer jobsPrincipal Security Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsSenior Penetration Tester jobsCloud Security Architect jobsIT Security Engineer jobsChief Information Security Officer jobsStaff Security Engineer jobsSenior Information Security Analyst jobsCyber Security Specialist jobsSecurity Specialist jobsCybersecurity Consultant jobsThreat Intelligence Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobs
CI/CD jobsRMF jobsEncryption jobsSDLC jobsMalware jobsSQL jobsForensics jobsGDPR jobsIPS jobsSplunk jobsEDR jobsTop Secret jobsIDS jobsDoDD 8570 jobsFinance jobsITIL jobsBash jobsOWASP jobsUNIX jobsCompTIA jobsTerraform jobsCRISC jobsIntrusion detection jobsDocker jobsGIAC jobs
TCP/IP jobsData Analytics jobsSANS jobsThreat detection jobsActive Directory jobsPolygraph jobsBanking jobsCCSP jobsClearance Required jobsOSCP jobsAnsible jobsVPN jobsSOAR jobsIT infrastructure jobsCyber defense jobsSOC 2 jobsJavaScript jobsGCIH jobsSecurity strategy jobsDNS jobsJira jobsSOX jobsOracle jobsArtificial Intelligence jobsSAP jobs