Mobile_menu_button_hd

Penetration Tester/Security Control Assessor - Top Secret required

OBXtek

Job Description

OBXtek is seeking an experienced Penetration Tester / Security Control Assessor to support the Department of State Consular Affairs (CA) Bureau. 

OBXtek provides CA support for advanced penetration testing, static (manual and automated) and dynamic code reviews; ensuring that the production environment is securely configured and operational.

Design penetration tests exercises to test the overall strength of a system as defined in the SSP defenses (technology, processes, and people) by simulating the objectives and actions of an attacker.

Once the penetration test is completed, the pen-tester analyzes findings, creates actionable findings reports, assists stakeholders in understanding and remediating findings, and documenting processes.

Working with the following:

  • Using appropriate penetration testing tools (e.g., Nessus Pro, Tenable.sc, Kali Linux, Burp Suite, and examples in NIST 800-115)
  • Penetration Testing (skills and methodology)
  • Application Security Testing
  • Operating systems (LINUX, Windows, Android, iOS)
  • Vulnerability Scanning
  • Application servers
  • Web servers (IIS, Tomcat, and Apache)
  • Database management systems (Oracle, SQL Server, MySQL)
  • Programming and scripting languages as needed
  • Source Code Security Analysis
  • Reverse engineering
  • Exploit development
  • Network devices (firewalls, routers, switches)
  • Network protocols
  • Social Engineering
  • Network Sniffing
  • Password Cracking and Compliance Testing
  • Computer Forensic fundamentals
  • Network Discovery
  • Remote Access Testing
  • Network Port and Service Identification
  • Application build process & tools

Job Requirements

Must have an Active Top Secret Clearance

Bachelor’s Degree with 5-10 years of experience

Must have minimum 5 years of combined Security Control Assessor, Pentester, Incident Responder, Network Engineer or System Administrator experience

Must have Web Application Pentesting experience

Must have Tenable Nessus experience

Recommended:

CEH, GPEN, CAP, CISSP or other IT and security-related certification

Apply
Apply

Job Snapshot

Location US-VA-McLean
Employment Type Full-Time
Pay Type Year
Pay Rate N/A
Store Type IT & Technical
Other Compensation: 0

Recommended Jobs for You

Privacy Tips

For your privacy and protection, when applying to a job online:

Never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.

Terms & Conditions
Snapshot
OBXtek
Company:
US-VA-McLean
Location:
Full-Time
Employment Type:
Year
Pay Type:
N/A
Pay Rate:
IT & Technical
Store Type:

Job Description

OBXtek is seeking an experienced Penetration Tester / Security Control Assessor to support the Department of State Consular Affairs (CA) Bureau. 

OBXtek provides CA support for advanced penetration testing, static (manual and automated) and dynamic code reviews; ensuring that the production environment is securely configured and operational.

Design penetration tests exercises to test the overall strength of a system as defined in the SSP defenses (technology, processes, and people) by simulating the objectives and actions of an attacker.

Once the penetration test is completed, the pen-tester analyzes findings, creates actionable findings reports, assists stakeholders in understanding and remediating findings, and documenting processes.

Working with the following:

  • Using appropriate penetration testing tools (e.g., Nessus Pro, Tenable.sc, Kali Linux, Burp Suite, and examples in NIST 800-115)
  • Penetration Testing (skills and methodology)
  • Application Security Testing
  • Operating systems (LINUX, Windows, Android, iOS)
  • Vulnerability Scanning
  • Application servers
  • Web servers (IIS, Tomcat, and Apache)
  • Database management systems (Oracle, SQL Server, MySQL)
  • Programming and scripting languages as needed
  • Source Code Security Analysis
  • Reverse engineering
  • Exploit development
  • Network devices (firewalls, routers, switches)
  • Network protocols
  • Social Engineering
  • Network Sniffing
  • Password Cracking and Compliance Testing
  • Computer Forensic fundamentals
  • Network Discovery
  • Remote Access Testing
  • Network Port and Service Identification
  • Application build process & tools

Job Requirements

Must have an Active Top Secret Clearance

Bachelor’s Degree with 5-10 years of experience

Must have minimum 5 years of combined Security Control Assessor, Pentester, Incident Responder, Network Engineer or System Administrator experience

Must have Web Application Pentesting experience

Must have Tenable Nessus experience

Recommended:

CEH, GPEN, CAP, CISSP or other IT and security-related certification

Penetration Tester/Security Control Assessor - Top Secret required Apply now