Job Description :
Our organization is looking for an experienced Application Security / Penetration Tester for a 12+ months contract position in Merrifield, VA. If interested please submit a current resume.

Candidates must have lived in the US for at least five years and can''t have been outside the US no more than six months cumulative during the last five years.

1. Job Title: Application Security / Penetration Tester

2. Location: Merrifield, VA

3. Job Duration: 12+ months

4. Assignment Type: 1099, C2C

5. Pay Rate: Negotiable

6. Special Skills: 3+ years exp., penetration testing, security assessments, application testing, nist, iso, fisma, web, mobile, owasp, kali linux, metasploit, nmap, burp

Penetration Tester

Job Description
Penetration Tester must be able to plan, communicate, coordinate and conduct penetration tests and security assessments for applications, systems and enterprise networks.

Job responsibilities:
Plan, communicate, coordinate and perform penetration testing, application testing, and security assessments at application, system and enterprise level
Perform manual penetration tests and validation of vulnerability scan results
Develops automation/scripts for replicating vulnerability validation and penetration tests
Devises plans and scenarios for various types of penetration tests
Develop Rules of Engagement, scoping documents and reports
Documents exploits and results in remediation in final vulnerability assessment report
Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities
Contributes to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk
Selects, installs, and configures security testing platforms and tools or develop tools and procedures for penetration tests
Performs penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc

Required Skills:
3-5 years of penetration testing experience is required
Experience with web and mobile applications, databases, operating systems
Experience in penetration testing large and complex enterprise networks
Experience with utilizing penetration testing framework such as OWASP
Experience with regulatory compliance, policy development, and policy enforcement
Experience with FISMA compliance and the NIST SP 800 series
Experience in the roles identified above
4+ years of network or system security
Excellent communication and interpersonal skills
Hands-on OS configuration/administration experience
Programming experience with focus on penetration testing or process automation
Experience with the following technologies:
o Kali Linux
o Metasploit
o Nmap
o Burp Suite

Desired Skills:
Experience with cyber security development projects and programs for U.S. Government and/or commercial clients
Experience with process development and deployment
Experience with the following technologies:
o Tenable SecurityCenter
o HP Fortify
o IBM AppScan
o WebInspect
Experience with three or more of the following:
o Security COTS integration
o Operating System Hardening
o Vulnerability Assessment testing
o Identification and Authentication schemes
o Public Key Infrastructure and Identity Management
o Cross Domain Solutions
o Reverse Engineering
o Security engineering
o Mobile Technologies
o Cloud Computing
Excellent writing skills

Required Education:
Bachelor’s degree in Computers or other business related major; or equivalent experience

Desired Certifications (one or more):
CEH (preferred)