VariQ

Senior Penetration Tester Team Lead

Job Locations US-VA
Job ID
2020-3583
Posted Date
1/24/2020
# of Openings
1
Category
Information Technology
Clearance
Public Trust
Work Authorization
US Citizens, preferred
Type
Contract - W2

Overview

VariQ has an exciting opportunity for a highly qualified Senior Penetration Tester Team Lead to support the USPTO project.

 

Additional Information:

  • Security Clearance: public trust required
  • Location: Alexandria VA
  • Available: upon award, currently in proposal stage

Responsibilities

  • Performing external and internal penetration tests using industry standard tools such as Metasploit, CoreImpact, Nmap, Burp Suite and etc;
  • Serve as the technical lead on penetration testing efforts;
  • Develop custom scripts or tools used for vulnerability scanning and identification as part of penetration testing;
  • Proficiency with red teaming tests in the performance of penetration testing; Proficiency in mobile application penetration testing,
  • Write custom exploit code, Metasploit modules, and attack tools are highly desired;
  • Source code review in C/C++, C#, VB.NET, ASP, PHP, or Java to identify security vulnerabilities;
  • Recommend remediation actions to mitigate valid findings

Qualifications

  • An active GPEN or OSCP cert
  • An active GWAPT or LPT cert
  • 7+ years of hand-on experience in performing external and internal penetration tests using industry standard tools such as Metasploit, CoreImpact, Nmap, Burp Suite and etc;
  • Management experience on a cyber security related contract, preferably leading penetration testing efforts
  • Experience writing custom scripts for vulnerability scanning
  • Thorough understanding of Windows and Linux based Operating Systems, networking (TCP/IP, Ports, Active Directory, DNS, and DHCP), Switch / Router configuration, and Security;
  • Proficiency with at least two scripting languages (e.g.Python, Bash, JavaScript, PowerShell);
  • Ability to write custom exploit code, Metasploit modules, and attack tools are highly desired;
  • Source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java to identify security vulnerabilities;
  • An understanding of cloud computing models, technologies and concepts; Understanding of FISMA, PCI, and Federal Risk and Authorization Management Program (FedRAMP) programs and penetration testing requirements associated with them;
  • Advanced written and verbal communication skills, strong analytical and interpersonal characteristics, and ability to work both independently and collaboratively.
  • Must have the ability to transport laptop/work equipment to and from work and home in order to support remote work, if required.

  

 

VariQ is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed