Senior Penetration Tester SME, Baltimore MD, #2014-07
Defense Point Security - Baltimore, MD

This job posting is no longer available on Defense Point Security. Find similar jobs: Senior Penetration Tester Sme jobs - Defense Point Security jobs

Defense Point Security is currently seeking a qualified candidate to fulfill a role as a Senior Penetration Tester SME. This position requires previous experience in related IT security fields.The Senior Penetration Tester SME will: Follow industry best practices and methodologies, including the Open Web Application Security Project (OWASP) Testing Guide, to perform penetration testing services to uncover vulnerabilities across various web applicationsTest web services using automated web application scanning methodologies and tools (e.g. IBM AppScan, HP WebInspect, Acunetix WVS, etc...)Test web services using a manual in-depth testing methodologies and tools (e.g. Burp Suite Pro, ZAP Proxy, IronWASP, etc...)Summarize and document results of testing for management reporting including proper disposition of test exceptions.Research new threats, attack vectors, and risk.Report on security vulnerabilities via formal reports and weekly status updates. Verify the security findings from other members of the penetration testing team. Job Qualifications: U.S. citizenship required.BA/BS or higher preferred, in Computer Science, Information Systems, Software Engineering or other related analytical, scientific, or technical disciplines (or SAN/ Sec Cert).Ten years minimum of prior work experience in IT security, including penetration testing, preferably in support of the Federal government.Five years minimum of prior work experience specializing in penetration testing, preferably in support of the Federal government.CISSP CertificationOther industry certifications relating to IT security and program management preferred (GIAC, CEH, TNCP, ITILv2 PMP, etc...)Experience with web application penetration testing tools preferred, such as Burp Suite Pro, IBM AppScan, HP WebInspect, etc...Ability to work independently and also collaborating closely with application developers, engineers and others.Must be self-motivated and results oriented.Effective written, oral communication skills, and interpersonal communication skills.Strong communications skills to be able to interact with technical and non-technical colleagues.Previous experience at the Centers for Medicare Medicaid Services (CMS) is a plus.Knowledge of the latest security threats, techniques and exploits targeting vulnerabilitiesNetwork and web application penetration testingVulnerability assessments followed by providing best security practice recommendations and countermeasuresStrong familiarity with multiple operating systems, databases, applications and platforms.Understanding of SQL, XSS, CSRF, XXE, and other trends in web exploitationWorking understanding of HTML and common web applicationsThorough understanding of computer networking and the OSI modelCyber-threat research, reporting and development/implementation of vulnerability mitigation strategiesExperience with network, web, and information securitySelf-starter with ability work with little supervisionProgramming experience is a plus!Calculate and assess risk based on threats, vulnerabilities, and mitigating factors.Expert knowledge in computer and network security.Expert level knowledge in penetration testing methodology.Knowledge of exploit development.Knowledge of common IT technologies (OS, databases, network devices, applications)Familiarity in one or more of the following areas: application security, Linux/Windows system security, mobile device security, cloud technologies (IaaS, SaaS environments, etc.), and web technologies.Demonstrated knowledge and experience evaluating IT process areas, such as logical and physical access, program development, change management, IT operations etc.Strong project management skills and ability to multi-task.Detail oriented and analytical.Essential that the candidate is a team-player. Job Location: Woodlawn, MDPosition Type: Full-Time/RegularSecurity Requirement: Public Trust, however a DoD TS is preferredAll candidates must be clearable. Defense Point Security is an IT Security Consulting firm specializing in government-focused security solutions. Our goal is to provide expert IT security services to our clients while cultivating information security knowledge among all employees for the advancement of cyber security. Defense Point Security offers a competitive employment package including medical, vision, and dental insurance (among others).Defense Point Security offers a competitive benefits package to include: Competitive SalaryHealth, Dental, Vision Insurance Premiums are 100% paid by DPS for employee and eligible dependentsPersonal Accident Insurance paid by DPSLife Insurance paid by DPSShort Term Disability Insurance paid by DPSLong Term Disability paid by DPS401k Contribution Matching - 100% up to 3%, 50% up to 5%401k is 100% fully vested after 90 daysPaid time off starting at 3 weeks a year (15 days)10 paid Federal HolidaysUp to $100 per month reimbursed for cell phoneUp to $50 per month reimbursed for home internetUp to $200 every 2 years for a cell phone upgrade24x7 access to office gym and locker roomsReimbursement for qualifying educational and training expensesRewards for obtaining new IT certificationsComputer-based training (CBT) library on IT and information security topics and certificationsRemote access to a virtual lab for testing/learning opportunitiesFlexible / Alternative Work SchedulesDefense Point Security is an equal opportunity / affirmative action employer. We give equal consideration to all qualified candidates without regard to race, color, gender, nationality, disability or protected veteran status.

Keywords: Defense Point, IT, Security, ISSO, C&A, DHS, NIST, Information Assurance, Baltimore, Woodlawn, Pen tester,

Defense Point Security - 6 months ago - save job - block
About this company
3 reviews
Defense Point Security, LLC (DPS) is the choice provider of Cyber Security services to the Federal Government. As a certified small...