Penetration Tester
Description:
Job Description
Responsibilities:
Perform penetration testing, software assurance, and vulnerability assessment in support of HHS customers.
Interpret penetration testing results to identify and recommend corrective actions and/or mitigation strategies.
Produce and deliver reports on individual and enterprise software assurance efforts, working with service providers and individual programs/systems. Deliverable: Software Assurance Reports.
Identify and address security implications during software acceptance activities, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
Perform security test assessments in support of HHS and system-specific software assurance efforts, working with service providers and individual programs.
Collaborate with DevSecOps team participants from other organizations to integrate information assurance and cybersecurity needs and practices on a continuous basis throughout Agile development activities including, but not limited to: requirements, design, implementation, testing, and delivery of new IT solutions, applications, services, and systems, or updating and enhancing existing ones.
Perform and document vulnerability assessments of Government-identified HHS systems (Deliverable: Vulnerability Assessment Reports).
Performs social engineering tests; analyzes technical security weaknesses; performs risk analyses; and develops exploits.
Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption.
Develops tools, techniques, training and countermeasures for computer and network vulnerabilities, data hiding and encryption.
Annually review and update, as needed, all security configurations within automated DevSecOps tools and manual processes to ensure compliance with IC policy. Upon government approval, implement changes to processes and technologies for penetration testing, software assurance, and vulnerability assessment activities, and report metrics in Monthly Status Reports.
REQUIRED SKILLS/EXPERIENCE:
Must have at least 6 years of penetration testing experience and 8 years of general work experience.
DESIRED SKILLS/EXPERIENCE:
Cyber security certifications as a Certified Ethical Hacker (CEH), OSCP, GPEN, or equivalent are preferred but not required.
Proficient in the use of Nessus Security Center, Wireshark, Web Application Scanning, Penetration Testing, BurpeSuite, Kali linux, and similar tools. Must have recent Software Assurance experience. Metasploit experience is preferred.
Linux and Cisco Routing and Switching experience.
EDUCATION LEVEL: Bachelor's Degree or Master's Degree in a technology discipline from an accredited university. A Master’s Degree may be substituted for 4 years of general work experience.
Company Description
PROTEK Consulting is a Woman-Owned Small Business led by an experienced team of industry veterans. Together, we make impeccable candidate-to-job matches delivering the right fit for our clients, every time. We work tirelessly in pursuit of the perfect match for our clients, with the ultimate goal of becoming one of their strategic business partners. We value and strive for a long-term relationship not short-term gain. We put our client’s interest in front of our own. We work really hard to understand our client’s underlying interests not just surface “wants”. We are genuinely passionate and enthusiastic about connecting our clients with the perfect match.
Full-time