Penetration Tester, Mid

$60,300 - $137,000/Yr

Booz Allen Hamilton - Huntsville, AL

posted 3 months ago

Part-time, Full-time - Mid Level
Huntsville, AL
Professional, Scientific, and Technical Services

About the position

As a Mid Penetration Tester at Booz Allen, you will play a crucial role in supporting both remote and onsite testing efforts of our client's networks to identify and expose weaknesses in their security systems. Your primary responsibility will be to maintain baseline system security in accordance with organizational policies while monitoring and evaluating the effectiveness of the enterprise's cybersecurity safeguards. This ensures that the implemented measures provide the intended level of protection against potential threats. You will collaborate with various stakeholders to resolve computer security incidents and ensure compliance with vulnerability management protocols. Additionally, you will be tasked with identifying, assessing, and recommending cybersecurity products that align with the organization's evaluation and validation requirements.

In this role, you will leverage your expertise in penetration testing to conduct thorough assessments of network, application, and external security. You will create detailed Technical Assessment Reports that outline your findings and suggest remediation efforts. Your knowledge of penetration testing methodologies will be essential as you navigate through various testing scenarios. You will also be responsible for developing Rules of Engagement (ROE), test plans, and scripts to facilitate effective testing efforts. Your experience with security testing tools such as Burp Suite, SQLMap, Nmap, Nessus, Metasploit, or Cobalt Strike will be invaluable in executing your responsibilities.

Furthermore, you will need to stay updated with the latest vulnerability information sources, including alerts, advisories, and bulletins, to ensure that your testing practices are informed by current threats. Your ability to communicate effectively and organize your findings will be critical in presenting your assessments to both technical and non-technical stakeholders.

This position requires a Secret clearance, and candidates must either hold a Bachelor's degree or possess at least three years of experience in a cybersecurity or system administrator role in lieu of a degree.

Responsibilities

  • Support remote and onsite testing efforts of a client's network to expose weaknesses in security.
  • Maintain baseline system security according to organizational policies.
  • Monitor and evaluate the effectiveness of the enterprise's cybersecurity safeguards.
  • Work with stakeholders to resolve computer security incidents and vulnerability compliance.
  • Identify, assess, and recommend cybersecurity or cybersecurity-enabled products for use within a system.
  • Create Technical Assessment Reports detailing findings and remediation efforts.
  • Develop Rules of Engagement (ROE), test plans, and scripts to aid in testing efforts.
  • Conduct web application and API penetration testing.

Requirements

  • 1+ years of experience with penetration testing.
  • Experience with security testing tools such as Burp Suite, SQLMap, Nmap, Nessus, Metasploit, or Cobalt Strike.
  • Experience with network, application, and external penetration testing.
  • Experience creating Technical Assessment Reports which detail findings and remediation efforts.
  • Knowledge of penetration test methodology.
  • Secret clearance required.
  • Bachelor's degree or 3+ years of experience in a cybersecurity or system administrator role in lieu of a degree.

Nice-to-haves

  • Experience creating Rules of Engagement (ROE), test plans, and scripts to aid in testing efforts.
  • Experience conducting web application and API penetration testing.
  • Experience with network hardware devices and functions, and network traffic analysis methods.
  • Knowledge of defense evasion in enterprise environments and custom payload generation.
  • Knowledge of incident categories, incident responses, and timelines for responses.
  • Knowledge of network access, identity, and access management such as public key infrastructure, OAuth, OpenID, SAML, and SPML.
  • Possession of excellent verbal communication and organization skills.
  • GWAPT, GPEN, OSCP, or CRTP Certifications.

Benefits

  • Health insurance coverage.
  • Life insurance coverage.
  • Disability insurance coverage.
  • Financial and retirement benefits.
  • Paid leave.
  • Professional development opportunities.
  • Tuition assistance programs.
  • Work-life balance programs.
  • Dependent care support.