Vulnerability Assessment Analyst and Penetration Tester jobs in United States

SteelToad · 3 days ago

Vulnerability Assessment Analyst and Penetration Tester

SteelToad is a leading provider of IT Support, Cybersecurity and Training and Development to the Department of Defense. The Vulnerability Assessment Analyst and Penetration Tester is responsible for delivering continuous cyber assessments, solving complex technology problems, and ensuring high security standards for services, applications, and websites.

Cyber Security · Information Technology · Risk Management · Training
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

Perform manual assessment of systems, services, and software, specializing in security issues beyond those identified by static analysis tools
Responsible for application and hardware penetration testing, automating repetitive tasks using various scripting languages, mentoring, and leading other engineers to deliver complex penetration tests and vulnerability assessments
Drive automation, tooling, and efficiency, and advance the team's penetration testing capabilities
Responsible for creating threat mitigation plans

Qualification

Penetration testing · Windows Server administration · Linux Server administration · Security frameworks · Tools · Network defense technologies · Threat mitigation planning · Cybersecurity certifications · Written communication · Verbal communication

Required

Five years of hands-on penetration testing experience with operating systems, web applications, and network infrastructure
Administrator-level knowledge of Windows and Linux Server operating systems
Experience with operating system security
Competent with testing frameworks and tools, such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire
Knowledge of the functionality and capabilities of computer network defense technologies, including router Access Control Lists (ACLs), firewalls, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), antivirus/Endpoint Detection and Response (EDR), and web content filtering
Strong written and verbal communication skills, including the ability to explain complex technical topics to non-technical audiences
Possess one of the following certifications upon onboarding: Offensive Security Certified Professional (OSCP), Offensive Security Web Assessor (OSWA), GIAC Web Application Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN)
Obtain one of the following certifications within 9 months of onboarding: GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), Offsec Experienced Penetration Tester (OSEP), Offsec Web Expert (OSWE)
Secret security clearance

Benefits

Medical Insurance
Vision & Dental Insurance
Long Term & Short-Term Disability, Group Life and AD&D Insurance – 100% Employer Paid
Flexible Spending Plan
Health Savings Account
401(k) Savings Plan – 100% match for the first 3% contributed plus 50% of the next 2% contributed. (no vesting period and eligibility is your date of hire)
Paid holidays – Eleven (11) per year
Paid Time Off - One hundred-twenty (120) accrued hours per year
Professional Development Program

Company

SteelToad

SteelToad is an IT company that offers CMMC training, risk management, and cybersecurity services.

Funding

Current Stage
Early Stage

Leadership Team

Dean Rock
Chief Executive Officer
Company data provided by crunchbase