Penetration Tester jobs in United States
cer-icon
Apply on Employer Site
company-logo

Unisity, LLC · 1 month ago

Penetration Tester

positionAnnapolis Junction, Maryland
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$210K/yr - $220K/yr
date12+ years exp

Unisity, LLC is a Service-Disabled Veteran Owned Small Business providing expert services in the Information Technology fields. They are seeking a Lead Penetration Tester to join a high-performing agile team, responsible for ensuring the security of enterprise-wide information systems and conducting penetration tests to identify and mitigate vulnerabilities.

Information Services
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Perform internal and external pentests against systems to determine vulnerabilities and develop mitigation strategies
Perform web app pentests
Perform vulnerability risk assessments
Perform physical pentests and social engineering analysis
Perform cyber incident response as needed
Evaluate the impact of new development on the operational security posture of IT systems
Evaluate, review, and test critical software
Formulate security compliance requirements for new system features
Identify and remediate security issues throughout the system
Audit and assess system security configuration settings using common methodologies and tools
Work with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors, and remediation approaches
Work closely with System Engineering, Test Engineering, and Integration teams to ensure hardware and software architecture and implementations meet strict security requirements
Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies
Serve as a Subject Matter Expert in security architecture, to include providing advice to Program Managers, Customer technical experts, and internal program teams

Qualification

Penetration testing toolsWeb application pentestsIT security risk assessmentsCyber Kill Chain methodologyProgramming in PythonWeb development languagesKali LinuxIPS/IDS solutionsRisk Management FrameworkSecurity complianceIncident responseCollaboration skillsProject management

Required

Must have experience with penetration testing tools
Must have experience in web development and programming languages such as Java, XML, Perl and HTML
Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc
Must have extensive experience performing IT security risk assessments
Must have experience performing web app and physical pentests
Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective
Must have experience with or strong familiarity of Kali
Must have experience with or strong familiarity of IPS/IDS solutions
Must have a strong understanding of the Cyber Kill Chain methodology
Must have experience applying Risk Management Framework
Must have experience with secure configurations of commonly used desktop and server operating systems
Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration
Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues

Preferred

Bachelor's degree in a technical/information assurance field and at least 12 years of relevant experience
Certifications in one or more of the following areas strongly preferred: GIAC Web Applications Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Web Application Defender (GWEB), Certified Information System Security Professional (CISSP)
Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response
Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation

Benefits

A Choice of Medical Plan Options, some with Health Savings Account (HSA)
Vision and Dental
Life and AD&D Benefits (Company Paid)
Short and Long-Term Disability (Company Paid)

Company

Unisity, LLC

twitter
company-logo
Unisity, LLC is a Service-Disabled Veteran Owned Small Business company providing expert services in the Information Technology fields supporting a wide variety of customers in various environments.
dateFounded in 2013
location
Severna Park, Maryland, US
people-size2-10 employees
web-link
https://www.unisity.tech/

Funding

Current Stage
Early Stage
Company data provided by crunchbase