App Security Penetration Tester
Arlington, VA 22203
- Build out a comprehensive testing framework which combines internal and external testing vulnerability sources, security tools and vendor capabilities.
- Collaborate with software development, system engineering and architect peers to continually improve system design, implementation and operations
- Configure, run and monitor automated security testing tools
- Perform manual validation of vulnerabilities
- Perform manual penetration testing of client systems, web sites and networks to discover vulnerabilities
- Thoroughly document exploit chain/proof of concept scenarios for internal client consumption
- Working with technical security controls
- Programming experience in Python
- Familiarity with vulnerability assessment and penetration best practices
- Experience with vulnerability and penetration testing techniques and tools
- Possess one of the following certifications: Certified Information Systems Security Professional (CISSP), GIAC Penetration Tester (GPEN), GIAC Certified Incident Handler (GCEH), Offensive Security Certified Expert (OSCE), and Offensive Security Certified Professional (OSCP)
- 4+ years of application security penetration testing experience.
- Experience testing web and mobile platforms.
- Development experience, working knowledge of Java.
- Security testing tools including Metasploit, Nmap, Nessus, Burp Suite, OWASP ZAP Proxy
- Linux operating systems