Senior Risk and Vulnerability Assessment (RVA) Tester

US-MD-Baltimore
Job ID
2017-3044
# of Openings
1
Category
IT Security
Clearance
Public Trust
Work Authorization
US Citizens, preferred

Overview

VariQ has an exciting opportunity for a highly qualified Senior Risk and Vulnerability Assessment (RVA) Tester to support the CMS project in Maryland.

 

Additional Information:

  • LocationBaltimore, MD with 35% travel component
  • Salary: Dependent upon experience
  • Security Clearance: Must be able to obtain “Public Trust” level 6 clearance. (SF-85 and SF-86 submission required)
  • Available: ASAP

Responsibilities

  • Lead RVA teams
  • Perform RVA penetration activities utilizing various automated tools
  • Perform Network and Application penetration tests on a wide range of technologies using automated and manual testing techniques
  • Exploit security flaws and vulnerabilities with regard to a predefined scope of work and ROE
  • Interface with client(s) to plan and coordinate system assessments in a professional manner
  • Prepare and Deliver well documented reports identifying weaknesses with mitigation strategies

Qualifications

Requirements:

  • 8+ years of Security, Software Development or Networking Experience
  • 3+ years of Manual Penetration Testing Experience exploiting various well known vulnerabilities (SQLi, XSS, CSRF, etc)
  • 1+ years working with automated vulnerability scanning tools (e.g., Nessus, Web Inspect, etc.)
  • Demonstrated technical experience using Linux and Windows operating systems
  • Demonstrated experience using the following security tools Burpsuite, Kali Linux, NMap
  • Some network penetration testing experience (using the majority of the following: wireshark, metasploit, hydra, john, sqlmap
  • Excellent technical writing skills and attention to detail
  • Ability to work in a fast paced environment
  • Exceptional customer facing communication skills
  • GPEN, GWAPT, OSCP, CEH, and/or CISSP certified
  • Mentor junior staff
  • This work will require up to 35% of travel in the US Continental.

 

Desired:

  • Ability to understand and demonstrate new concepts and technologies quickly
  • Database Experience (Oracle, MSSQL, MySQL, MongoDB)
  • Application Fuzzing and Web Services testing experience (WSFuzzer, SPIKE, Sulley, SoapUI, BurpSuite)
  • Software Development and/or Scripting Experience in C++, Java, C#, perl, python or bash
  • Source Code Review (aka Static Analysis) Experience
  • Knowledge of NIST 800 series and/or FISMA

 

Clearance: US Citizen - Must be able to obtain “Public Trust” level 6 clearance. (SF-85 and SF-86 submission required).

 

 

VariQ is an equal opportunity employer.

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed