This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Alpha Omega Integration - Vienna, VA
posted about 2 months ago
About the position
The Penetration Tester will join Alpha Omega's cybersecurity team to support federal customers by conducting penetration testing exercises to identify cyber weaknesses. This role involves evaluating findings using a risk-based approach, writing detailed reports on vulnerabilities, and collaborating with system admin teams and ISSOs to ensure effective remediation efforts. The position requires a broad understanding of various technologies and the ability to assess all layers of the enterprise stack.
Responsibilities
- Conduct penetration testing using approved tools and best practices
- Test AI models and applications, including GenAI models and applications
- Collaborate with Policy team members to develop technical standards for testing AI models and applications
- Create detailed reports including the findings and suggested remediations
- Perform security research to remain current on emerging technology trends
- Conduct risk-based assessments based on penetration testing findings and brief the same to senior leadership
- Review and suggest changes to Rules of Engagement to ensure desired outcomes
- Work with system teams and ISSOs on understanding findings and remediation guidance
- Manage and support development of pen testing SOPs
- Design scenarios for testing based on TTPs used by threat actors
Requirements
- No degree with 9 years relevant experience
- Bachelor's degree with 5 years relevant experience
- Master's degree with 3 years relevant experience
- Experience with packet analysis
- Familiarity with standard web security vulnerabilities (e.g., SQL injection, XSS, CSRF)
- Skills in network-level security testing
- Experience with hardening and remediation
- Experience conducting code reviews to identify risks & weaknesses
- Ability to collaborate and communicate effectively with cross-functional stakeholders
- Excellent written and verbal communication skills
- Experience documenting assessment findings and explaining risks to system stakeholders, including senior leaders
- General understanding of cloud environments and API security
Nice-to-haves
- 3+ years using standard penetration testing suites (Metasploit, nmap, burp suite, KaliLinux, etc.)
- Familiarity with common types of AI models and their specific vulnerabilities
- Working proficiency in Python
- Familiarity with AI-related cybersecurity threats and methods to test for model vulnerabilities
- Familiarity with MITRE ATT&CK framework
- Working knowledge of various enterprise technology stacks used to build applications in the cloud
- Working knowledge and experience in AWS and Azure GovClouds
Benefits
- PTO including paid parental, military, and bereavement leave
- Eleven (11) paid Federal holidays, five of which are floating holidays
- Health and Dental Insurance with 100% employer paid premiums for employee coverage under the HDHP health plan
- Life Insurance, STD/LTD term disability coverage with employer paid premiums
- 401 (k) plan with a match that is 100% vested after two years of service
- FSA/DFSA/HSA flexible benefit plans
- Annual Tuition & Professional Development Reimbursement benefit
