Penetration Tester, Mid

About the position

As a Penetration Tester at Booz Allen, you will play a key role in supporting both remote and onsite testing efforts of client networks to identify and expose weaknesses in security. Your primary responsibility will be to maintain baseline system security in accordance with organizational policies, while also monitoring and evaluating the effectiveness of the enterprise's cybersecurity safeguards to ensure they provide the intended level of protection. You will collaborate with stakeholders to resolve computer security incidents and ensure compliance with vulnerability standards. Additionally, you will be tasked with identifying, assessing, and recommending cybersecurity products for use within systems, ensuring that these products adhere to the organization's evaluation and validation requirements. In this role, you will leverage your experience in penetration testing, utilizing various security testing tools such as Burp Suite, SQLMap, Nmap, Nessus, Metasploit, and Cobalt Strike. You will conduct penetration testing across networks, applications, and external environments, and create detailed Technical Assessment Reports that outline your findings and remediation efforts. A solid understanding of penetration test methodologies is essential, as is the ability to keep up with the latest vulnerability information sources, including alerts, advisories, and bulletins. Your role will also involve creating Rules of Engagement (ROE), test plans, and scripts to facilitate testing efforts. You will conduct web application and API penetration testing, analyze network hardware devices and functions, and apply network traffic analysis methods. Knowledge of defense evasion techniques in enterprise environments, incident categories, and identity and access management protocols will be crucial to your success. Excellent verbal communication and organizational skills are necessary to effectively convey your findings and collaborate with team members and clients.