Penetration Tester II

Summary of Position

SiloSmashers is looking for a Penetration Tester to provide testing for weakness identification, exploitation, and analysis to determine the security impacts to current systems and networks. The individual will serve as principal security advisor on risk matters, technical and otherwise, involving the identification and prioritization of security risk to CISA CSD information systems.

Principle Duties and Responsibilities

• - Perform host, network, cloud, application-based penetration test assessments

• - Responsible for creating and updating the master schedule of all security assessments and for delivering it to the Government for approval

• - Develop standard operating procedures, security test plans, assessment schedules, Rules of Engagement for stakeholders' assessment results and recommendations and provide expert technical support for potential targets both before and after the assessment

• - Complete the following communication and reporting activities: assessment kickoff meeting, daily statuses, and out-brief meeting

• - Perform annual, ongoing, and ad-hoc assessments that support the continuous monitoring strategy for all systems with an ATO

• - Collaborate with authorizing officials and/or system owners to plan penetration test assessments as needed

• - Conduct source code reviews for security vulnerabilities

• - Conduct security assessments on a wide variety of technologies and implementations

Required Skills, Knowledge and Experience

• - BS/BA in Computer Science, Information Systems, Software Engineering or other related analytical, scientific or technical discipline.

• - 4+ years of penetration testing experience

• - 3+ years of experience pentesting cloud FedRamp systems (Azure, AWS, GCP)

• - Effective written and oral communication skills.

• - Previous Federal Government experience is a plus.

Security Clearance

• Minimum Secret

Work Location

• 100% remote with occasional on-site visits as needed