Join our Talent Network >

Senior Penetration Tester

Job ID: 2012737
Location: BETHESDA, MD, United States
Date Posted: Aug 28, 2020
Category: Cyber
Subcategory: Cyber Eng/Archt
Schedule: Full-time
Shift: Day Job
Travel: No
Minimum Clearance Required: TS/SCI with Poly
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No

Share: mail

Job Description

Description

The Senior Cyber Security Penetration Tester plans, communicates, coordinates and conducts security assessments for applications, systems and enterprise networks. The overall goal of the penetration tester is to proactively identify weaknesses and ensure that devices, applications, services, and systems are designed and implemented to the highest standards and remain resilient to modern threats.


The penetration tester pro-actively conducts engagements that simulate adversarial threats and attacks in a timely manner within approved scopes by taking the vulnerabilities out of the theoretical realm to truly demonstrate the risk with the use existing tools as well as self-created tools including but not limited to creating & customizing exploits and reversing binaries to find security vulnerabilities. The penetration tester helps with the design, development and recommendation of security solutions or new policies, standards and procedures.


Constant collaboration must be managed with various organizational partners including, but not limited to the blue teams, data owners, system owners & control owners to make sure the impact of the risk is understood and managed. The Senior Cyber Security Penetration Tester must establish an excellent trust relationship with the organization and with the cyber defenders to ensure acceptable levels of risk are always maintained for the organization.

Job responsibilities:

    • Plan, communicate, coordinate and perform penetration testing, application testing, and security assessments at application, system and enterprise level
    • Develop automation/scripts for replicating vulnerability validation and penetration tests
    • Devise plans and scenarios for various types of penetration tests
    • Experience with interpreted or compiled languages: Python, Ruby, Perl, PHP, C/C++, Java, C#
    • Experience with various testing tools, such as Kali Linux, Metasploit, Nmap, Nessus, Burp Suite, etc.
    • Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework, fuzzing, memory corruption and exploit development, etc.), network exploitation (e.g. VLAN hopping) or web application exploitation
    • Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement

Qualifications

  • Active TS/SCI with Poly is required
  • Bachelor’s Degree in Information Technology, Computer Science, Cybersecurity, Customer Security
  • +6 years of Information Security Experience preferably in penetration testing, red teaming, reverse engineering and vulnerability management
  • Professional Security Certifications such as (OSCP/OSCE-Offensive Security Certified Professional/Expert, GXPN-Sans GIAC exploit researcher and advanced Pen Tester, or CRTOP-Certified Red Team Operation Professional, etc).
  • Experience with interpreted or compiled languages: Python, Ruby, Perl, PHP, C/C++, Java, C#
  • Experience with various testing tools, such as Kali Linux, Metasploit, Nmap, Nessus, Burp Suite, etc.
  • Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework, fuzzing, memory corruption and exploit development, etc.), network exploitation (e.g. VLAN hopping) or web application exploitation
  • Familiar with offensive TTPs (Tactics, Techniques and Procedures) including post-exploitation and lateral movement
              Desired:
              • +2 years of experience within governmental sectors
              • Prior experience or expertise performing Red team exercises


              Overview

              SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability

              Share: mail

              Similar Jobs

              Senior Information Systems Security Engineer (ISSE)

              ANNAPOLIS JUNCTION, MD, United States
              Cyber

              Principal Cyber Security Analyst

              RESTON, VA, United States
              Cyber

              Cyberspace Intelligence Analyst II

              FORT MEADE, MD, United States
              Cyber

              Cyberspace Joint Operations Planner III

              FORT MEADE, MD, United States
              Cyber

              Sr. Cyber Security Analyst

              ARLINGTON, VA, United States
              Cyber

              Computer Network Defense/Incident Response Analyst

              FORT MEADE, MD, United States
              Cyber

              Nessus Scanning Administrator

              WASHINGTON, DC, United States
              Cyber

              Cyber Operations Specialist Principal

              FORT MEADE, MD, United States
              Cyber

              Cyberspace Analyst II

              FORT MEADE, MD, United States
              Cyber

              Information System Security Manager

              CHANTILLY, VA, United States
              Cyber

              Cyber Security Analyst

              RESTON, VA, United States
              Cyber

              Splunk Administrator

              WASHINGTON, DC, United States
              Cyber

              Information Systems Security Officer

              FORT MEADE, MD, United States
              Cyber

              Security Operations Analyst - SOC Analyst 2

              VIENNA, VA, United States
              Cyber

              Security Operations Analyst - SOC Analyst 2

              VIENNA, VA, United States
              Cyber

              Senior ISSO

              RESTON, VA, United States
              Cyber

              Cyber Security Lead

              STERLING, VA, United States
              Cyber

              Information Systems Security Officer

              FORT MEADE, MD, United States
              Cyber

              Chief Security Architect

              WASHINGTON, DC, United States
              Cyber

              Cyber Security CND SME

              RESTON, VA, United States
              Cyber

              Cyber Eng/Archt Chief

              WASHINGTON DC, DC, United States
              Cyber

              Senior Cyber Security Specialist

              FORT BELVOIR, VA, United States
              Cyber

              Senior Penetration Tester

              BETHESDA, MD, United States
              Cyber

              Information Systems Security Officer

              WASHINGTON DC, DC, United States
              Cyber