Lead Penetration Tester with Security Clearance - Tyto Athene, LLC
Arlington, VA 22204
About the Job
Tyto Athene is searching for a Lead Penetration Tester to support our customer in Arlington, Virginia.
Responsibilities:
• Conduct vulnerability assessments
• Carry out penetration tests, perform social engineering tests
• Analyze technical security weaknesses
• Perform risk analyses and develop exploits
• Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption
• Develop tools, techniques, training, and countermeasures for computer and network vulnerabilities, data hiding, and encryption.
Required:
• Bachelor's degree in Computer Science, Information Technology, or related field and 15 years of relevant experience or a Masters Degree and 11 years
• Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database, and operating systems.
• Security, Software Development, Networking, and/or Systems Administrator Experience
• Understanding of 3-tiered Web Applications and Mobile Application Architectures
• Manual Penetration Testing Experience (i.e.
mapping applications, injecting SQLi, XSS, XXE, exploit creation)
• Must have Commercial Web Application Tool Experience (i.e.
BurpSuite, AppScan, WebInspect)
• Network Penetration Testing Tool Experience (i.e.
Nmap, Nessus, Wireshark, Metasploit, Hydra, John)
• Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment Desired:
• Certifications Preferred (Not Required):
• PNPT - Practical Network Penetration Tester
• OSCP - Offensive Security Certified Professional
• CRTO - Certified Red Team Operator
• CRTP - Certified Red Team Professional
• Web Services Security Penetration Testing Experience
• Commercial Network Penetration Testing Tool Experience (i.e.
Metasploit and Cobaltstrike)
• Experience with Open Source Tools (i.e.
Powershell Empire, PowerSploit, Impacket, Rubeus and Mimikatz)
• Software Development and/or Scripting Experience in PowerShell, .NET, C++, Java, C#, perl, python or bash
• Experience with Virtual Machine technologies
• Database Experience (DBA or security penetration testing)
• Source Code Review (aka Static Code Analysis) experience
• Good technical writing skills and attention to detail Clearance:Active Secret clearance required Certification: DoD 8570 IAM/IAT Level II certification.
This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth.
Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S.
government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success.
We provide an environment that is geared to reward potential, innovation, and teamwork.
If you would like to unleash your creativity and your career -- it's time to join Team Tyto! Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Responsibilities:
• Conduct vulnerability assessments
• Carry out penetration tests, perform social engineering tests
• Analyze technical security weaknesses
• Perform risk analyses and develop exploits
• Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption
• Develop tools, techniques, training, and countermeasures for computer and network vulnerabilities, data hiding, and encryption.
Required:
• Bachelor's degree in Computer Science, Information Technology, or related field and 15 years of relevant experience or a Masters Degree and 11 years
• Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database, and operating systems.
• Security, Software Development, Networking, and/or Systems Administrator Experience
• Understanding of 3-tiered Web Applications and Mobile Application Architectures
• Manual Penetration Testing Experience (i.e.
mapping applications, injecting SQLi, XSS, XXE, exploit creation)
• Must have Commercial Web Application Tool Experience (i.e.
BurpSuite, AppScan, WebInspect)
• Network Penetration Testing Tool Experience (i.e.
Nmap, Nessus, Wireshark, Metasploit, Hydra, John)
• Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment Desired:
• Certifications Preferred (Not Required):
• PNPT - Practical Network Penetration Tester
• OSCP - Offensive Security Certified Professional
• CRTO - Certified Red Team Operator
• CRTP - Certified Red Team Professional
• Web Services Security Penetration Testing Experience
• Commercial Network Penetration Testing Tool Experience (i.e.
Metasploit and Cobaltstrike)
• Experience with Open Source Tools (i.e.
Powershell Empire, PowerSploit, Impacket, Rubeus and Mimikatz)
• Software Development and/or Scripting Experience in PowerShell, .NET, C++, Java, C#, perl, python or bash
• Experience with Virtual Machine technologies
• Database Experience (DBA or security penetration testing)
• Source Code Review (aka Static Code Analysis) experience
• Good technical writing skills and attention to detail Clearance:Active Secret clearance required Certification: DoD 8570 IAM/IAT Level II certification.
This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth.
Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S.
government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success.
We provide an environment that is geared to reward potential, innovation, and teamwork.
If you would like to unleash your creativity and your career -- it's time to join Team Tyto! Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Source : Tyto Athene, LLC