Penetration Tester Mid

ECS is seeking a Penetration Tester Mid to work in our Windsor Mill office.

Position Responsibilities:

. Conduct network and web-based application penetration tests

. Provide advisement on countermeasures to mitigate threats

. Identify security deficiencies and determine the efficacy of security controls design and implementation

. Provide vulnerability to exploit mapping

. Probe for vulnerabilities in web applications

. Conduct physical security assessments and wireless security assessments as required

. Work on improvements for security services, including the continuous enhancement of existing methodology material and supporting assets

. Perform IT security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities

. Research, document and discuss security findings with team members

. Pinpoint methods that attackers could use to exploit weaknesses and logic flaws

. Provide feedback and verification as an organization fixes security issues

. Simulate internal lateral movement activities

. Provide mentorship and guidance to Junior Penetration Testers.

Salary Range: $105,323.00 - $128,728.00
General Description of Benefits: Benefits Link

Requirements:

Job Requirements:

. 5+ years of IT experience to include 3+ years of experience in either information security, development, or system/network administration.

. Bachelor's degree in an IT related field or equivalent education or work experience.

. Programming experience with focus on development, security, or process automation

. Working knowledge of TCP/IP ports and protocols

. Working proficiency with Windows and UNIX operating systems

. Working knowledge of firewalls, routing, switching, and other network security products

. Familiarity with web proxy tools such as Burp, ZAP, and Fiddler

. Knowledge of security issues such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.

. Familiarity with penetration testing tools and tool suites such as Burp Suite Pro, Kali Linux, Nmap, Metasploit, Nessus, tcpdump, Wireshark, Nikto, etc.

. Excellent written and oral communication skills. Must be able to document security deficiencies write Security Assessment reports, Standard Operating Procedure documents, etc.

. Self-motivated and able to work in an independent manner

. U.S. Citizen - must be able to obtain "Public Trust" level clearance. (SF-85 and SF-86 submission required)

Req Benefits: