Penetration Tester

Sterling VA (and remote), United States

Applications have closed

VOSAGO

Vosago specializes in IT Staffing, IT Federal Subcontracting, and Executive Recruiting.

View all jobs at VOSAGO

Location:  Remote and/or local to the Northern Virginia area

On-site visits:  Occasional on-site meetings may be required at our Sterling Virginia office

Responsibilities: ​​​

Conduct complete penetration tests, report on results, and provide improvement recommendations
Ensure customer satisfaction through the delivery of high-quality consulting services across a portfolio of commercial and federal government projects
Ability to elicit and understand customer requirements and covert those requirements into a technical services solution
Ability to accurately estimate time and cost for each project
Foster an environment of continuous learning, innovation and excellence
Work closely with development teams, product managers, and customer success teams to ensure successful delivery of consulting services or product implementation projects and remove roadblocks
Develop, review and approve formal statements of work, change requests, and proposals
Formulate timely reports and documentation to track progress
Effectively collaborate with peers and company leadership to accomplish team, corporate and client objectives
Answer developer, designer, and content contributor questions about IT Security requirements. 
Experience Requirements:

Minimum of 5 years of experience in penetration testing
Desired certifications – Security+, CEH, GPEN, OSCP, AWS, or equivalent
Understanding of OWASP Top 10 and “industry best practices” for penetration testing
Understanding of all aspects of Penetration Testing with an emphasis on white box testing, black box testing, internal networks, external networks, web applications, and application/code review
Understanding of Pen Test methods such as Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), Penetration Testing Execution Standard (PTES), FedRAMP Penetration Test Guide, NIST, etc.
Proficient with the command line interface of multiple operating systems – Windows, macOS, Linux, etc.
Solid understanding of manual scripting and scripting languages- ex. Python, Bash, PowerShell, C/C++, etc.
Proficient with using commercial and open source penetration testing tools – ex. Metasploit, Nikto, SQLMAP, Responder, Nessus, Netcat, Burp Suite, etc.
Conduct and document vulnerability scans and penetration testing on web-based applications and their underlying hosts
Proven ability to perform computer network vulnerability assessment and penetration testing
Understanding of risk planning and mitigation strategies
Ability to prepare and present documents and briefing materials
Advise on new threats to the technologies and environment and provide mitigation steps when applicable
Provide security guidance on design, deployment, and architecture of web-based and cloud hosted applications.
Participate in technical discussions and collaborate with team members
Exceptional communication skills - both orally and written
Strong customer service skills
Strong organizational and time-management skills with the ability to handle multiple tasks at once, while still paying attention to detail
A strong work ethic and self-starter attitude, with the ability to thrive in a fast-paced environment
Bachelor’s degree in a related field or equivalent work experience and advance

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  41  7  0
Category: PenTesting Jobs

Tags: Application security AWS Bash Black box Burp Suite C CEH Cloud FedRAMP GPEN Linux MacOS Metasploit Nessus NIST Open Source OSCP OWASP Pentesting PowerShell Python Scripting Vulnerability scans White box Windows

Perks/benefits: Career development

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.