Job Description
Gray Tier Technologies is seeking a Web App Penetration Tester to support our DHS customer based out of Springfield Virginia.
Primary Responsibilities:
- Knowledge of penetration testing best practices and tool usage.
- Experience conducting penetration testing in the following disciplines:
- Web Application testing
- Network Penetration testing
- API and serverless penetration testing
- Cloud based penetration testing (one of the three):
- AWS
- Microsoft Azure
- Google Cloud Platform (GCP)
- Capable of working within guidance to safely support penetration testing operations as part of a managed team.
- Detailed knowledge of web application and network based penetration testing security tools.
- Provide expert level guidance to the customer regarding penetration testing and vulnerability assessment industry best practices.
Qualifications:
- Bachelors’ degree from an accredited college in a related discipline, or equivalent experience/combined education, with 8+ years of professional experience; or 6+ years of professional experience with a Masters’ degree.
- In addition to specific security clearance requirements all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
- 2 years in Pen Testing and Vulnerability Assessment
- 2-3 years of professional experience in incident detection and response, malware analysis, or cyber forensics.
- Experience with any three of the seven tools listed below:
- Kali Linux
- Metaspoilt
- Burp suite
- Cobalt Strike
- Tenable Nessus
- Web Inspect
- Scuba
- App detective
- PACU
- AWS CLI
- Scout Suite
- Active Top Secret clearance with SCI eligibility
Preferred Qualifications:
- Prior DHS IT security and/or audit experience preferred.
- Prior System Administrator experience a plus.
- Previous IT experience is preferred, specifically 7 years of professional experience in a Computer Science discipline is ideal.
- Penetration testing experience with Kubernetes and or Docker
- Mobile Application penetration testing experience
- Wireless penetration testing experience
- DHS Risk and Vulnerability Assessment (RVA) Operator certified
CLEARANCE REQUIRED:
• Must be have a current Public Trust or Secret clearance. Top Secret/SCI clearance preferred.
• Must be able to obtain and maintain an DHS Entry on Duty (EOD) clearance