- 8+ years of Security, Software Development or Networking Experience
- 3+ years of Manual Penetration Testing Experience exploiting various well known vulnerabilities (SQLi, XSS, CSRF, etc)
- 1+ years working with automated vulnerability scanning tools (e.g., Nessus, Web Inspect, etc.)
- Demonstrated technical experience using Linux and Windows operating systems
- Demonstrated experience using the following security tools Burpsuite, Kali Linux, NMap
- Some network penetration testing experience (using the majority of the following: wireshark, metasploit, hydra, john, sqlmap
- Excellent technical writing skills and attention to detail
- Ability to work in a fast paced environment
- Exceptional customer facing communication skills
- GPEN, GWAPT, OSCP, CEH, and/or CISSP certified
- Mentor junior staff
- This work will require up to 35% of travel in the US Continental.
- Ability to understand and demonstrate new concepts and technologies quickly
- Database Experience (Oracle, MSSQL, MySQL, MongoDB)
- Application Fuzzing and Web Services testing experience (WSFuzzer, SPIKE, Sulley, SoapUI, BurpSuite)
- Software Development and/or Scripting Experience in C++, Java, C#, perl, python or bash
- Source Code Review (aka Static Analysis) Experience
- Knowledge of NIST 800 series and/or FISMA
Clearance: US Citizen - Must be able to obtain “Public Trust” level 6 clearance. (SF-85 and SF-86 submission required).
VariQ is an equal opportunity employer.