Principal Penetration Testing and Vulnerability Analysis

Arlington, VA

Posted: 07/12/2019 Employment Type: Contract to Hire Industry: ERT Job Number: 229727

Principal Penetration Testing and Vulnerability Analyst
  • A principal penetration and vulnerability analyst is required for a contract position in Arlington, VA.
  • Lead Red Cell assessments
  • Assess and enhance current processes for penetration testing and vulnerability assessment
  • Recommend mitigation and remediation strategies based upon the class and category of vulnerability
  • Performs Leadership Support and Penetration Testing on web and other applications, network infrastructure and operating system infrastructures.
  • Briefs executive summary and findings to stakeholders to include Sr. Leadership
  • Have an understanding of how to create unique exploit code, bypass AV and mimic adversarial threats.
  • Assesses the current state of the customer’ s system security by identifying all vulnerabilities and security measures.
  • A great opportunity to lead an offensive cyber security team of penetration testers and ethical hackers for a prestigious government subcontractor

Required Skills:
  • CISSP
  • Must show strong skills in Network and Web based Penetration Testing and be able to conduct Penetration Tests using Automated and Manual Methods
  • Have an understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
  • Must be able to use at least two of the following proficiently and instruct others on them:  Nessus, Burp, Metasploit Framework/Pro, and the Social Engineering Toolkit.  
  • Must have solid working experience and knowledge of Windows and Unix/Linux operating system
  • Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming
  • Strong familiarity with OWASP top 10, PTES and NIST 800-53.

 

Desired Skills:
  • OSCP, GIAC GPEN, GWAPT or other Penetration Testing certifications
  • Ability to perform static and/or dynamic code review.
  • Familiarity with Cloud solutions and how to test their security (Amazon Web Services, Microsoft O365 and Azure, Google Cloud, etc.)

Duration: 6 months contract to hire

Clearance: Secret
PLEASE NOTE: 3RD PARTIES/SUBCONTRACTORS/SUBCONTRACT AGENCIES ARE NOT ELIGIBLE FOR THIS POSITION.   SUBCONTRACT AGENCIES NEED NOT APPLY.
Apply Online

Send an email reminder to:

Share This Job:

Related Jobs: