Penetration Tester

Diverse Lynx - Reston, VA

posted 4 months ago

Full-time - Mid Level
Reston, VA
Administrative and Support Services

About the position

The Penetration Tester position at Diverse Lynx LLC involves conducting thorough network penetration testing and requires a solid understanding of network infrastructure. The role demands proficiency in various network protocols, particularly in their application for command-and-control channels. The candidate will be responsible for executing social-engineering assessments, which are critical for identifying vulnerabilities that could be exploited by malicious actors. Additionally, the position entails the development and modification of exploits, shellcode, and associated tooling, which are essential for effective penetration testing. The ideal candidate will have experience with a variety of security assessment tools, including but not limited to Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, and Empire. A strong understanding of common cryptography techniques is also necessary, as is the ability to review source code for security flaws. The role requires conducting wireless security assessments and web application security assessments, ensuring that all potential vulnerabilities are identified and addressed. Candidates should be comfortable working with a range of operating systems and should possess scripting skills in Bash and PowerShell. Familiarity with applications and their architecture, particularly those built on languages such as C#, .NET, Go, Java, or similar, is also important for this role. The position is contract-based and requires on-site presence in Reston, VA, promoting a collaborative work environment.

Responsibilities

  • Conduct network penetration testing to identify vulnerabilities in network infrastructure.
  • Perform social-engineering assessments to evaluate security awareness and response.
  • Develop and modify exploits, shellcode, and associated tooling for penetration testing.
  • Utilize security assessment tools such as Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, and Empire.
  • Review source code for security flaws and vulnerabilities.
  • Conduct wireless security assessments to ensure the integrity of wireless networks.
  • Perform web application security assessments to identify potential security risks.
  • Work with various operating systems and utilize scripting in Bash and PowerShell.

Requirements

  • Experience in network penetration testing and understanding of network infrastructure.
  • Proficiency in network protocols and their application for command-and-control channels.
  • Experience in carrying out social-engineering assessments.
  • Ability to develop and modify exploits, shellcode, and associated tooling.
  • Familiarity with security assessment tools like Nessus, Metasploit, Burp Suite Pro, Cobalt Strike, or Empire.
  • Understanding of common cryptography techniques.
  • Experience in reviewing source code for security flaws.
  • Experience in conducting wireless security assessments.
  • Experience in conducting web application security assessments.
  • Knowledge of applications and architecture built on languages like C#, .NET, Go, Java, or similar.

Nice-to-haves

  • Offensive Security Certified Professional (OSCP) certification.
  • Certified Red Team Professional (CRTP) certification.
  • GIAC Penetration Tester (GPEN) certification.
  • CREST Penetration Testing / CBEST Qualifications.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service