Not Authorized
You are currently not authorized to access this section.
Please contact your Administrator to change your authorization settings.
Please contact your Administrator to change your authorization settings.
Penetration Tester
Arlington, VA
Job Description
Penetration Tester
Ballston, Arlington, VA /
Engineering and Software Development - Penetration Tester /
Full Time
The Remote Penetration Testing (RPT) is a thorough assessment of a customer's external facing infrastructure. It includes but is not limited to a very thorough, hands-on Web Application test, security tests against internet-accessible network assets, phishing payload testing and open source intelligence gathering. At the conclusion of the assessment, the customer is provided a report with any external vulnerabilities found. RPT uses a dedicated remote team to assess and identify vulnerabilities and work with customers to eliminate exploitable pathways. RPTs are similar to Risk and Vulnerability Assessments but focus only on externally accessible systems with a tradeoff made for more service capacity at the expense of assessment scope.
Position Responsibilities Include:
- Knowledge of script writing and crafting of payloads
- Knowledge of database operations and system/network administration
- In-depth knowledge and understanding of operation of assessment tools (including but not limited to Metasploit, Nmap, Burp Suite, Powersploit, and Cobalt Strike)
- Ability to operate in a critical fashion in dynamic environments
- Knowledge of FISMA and NIST 800 series standards
- In-depth knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing
- In-depth knowledge of the procedures of Phishing Assessments, Wireless Assessments, Operating System Security Assessments, and Database Assessments
Required Qualifications:
- Bachelor's Degree and 4-6 years' work experience or equivalent experience
- At least one related industry certification (OSCP, OSCE, GPEN, GXPN, or equivalent).
- Ability to obtain Public Trust approval and DHS Suitability (EOD)
- MUST BE WILLING TO TRAVEL up to 50% per month
- Experience with coordinating assessment equipment, including ensuring images on assessment equipment are up to date, equipment transport, setup and tear-down of equipment on-site, and general maintenance
- Experience operating assessment tools in accordance with VM Assessment Standard Operating Procedures
- Experience developing documentation and reporting (ex. Assessment report)
Desired Qualifications:
- Ability to obtain TS/SCI and DHS EOD
- Deep understanding of the methodology associated with penetration testing, such as creating Rules of Behavior, selection of pen testing team, and have a developed tool kit.
- Cloud experience a plus! (AWS or Azure)
- ANY OF THE BELOW CREDENTIALS ARE A PLUS!
- Licensed Penetration Tester (LPT) Master
- Offensive Security Certified Professional (OSCP)
- Certified Ethical Hacker (CEH)
- IACRB Certified Expert Penetration Tester (CEPT)
- IACRB Certified Expert Penetration Tester (CPT)
- Certified Red Team Operations Professional (CRTOP)
- CompTIA's PenTest+
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN); and/or
- GIAC Penetration Tester (GPEN)
EEO Statement
AnaVation is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law.
Job Summary
Start Date
As soon as possible
Employment Term and Type
Regular, Full Time
Required Education
Bachelor's Degree
Required Experience
4 to 6 years
Email this Job to Yourself or a Friend