Penetration Tester

Gray Tier Technologies is seeking a Web App Penetration Tester to support our DHS customer based out of Springfield Virginia. 

Primary Responsibilities:

• Knowledge of penetration testing best practices and tool usage.
• Experience conducting penetration testing in the following disciplines:
• Web Application testing
• Network Penetration testing
• API and serverless penetration testing
• Cloud based penetration testing (one of the three):
• AWS
• Microsoft Azure
• Google Cloud Platform (GCP)
• Capable of working within guidance to safely support penetration testing operations as part of a managed team.
• Detailed knowledge of web application and network based penetration testing security tools.
• Provide expert level guidance to the customer regarding penetration testing and vulnerability assessment industry best practices.

Qualifications:

• Bachelors’ degree from an accredited college in a related discipline, or equivalent experience/combined education, with 8+ years of professional experience; or 6+ years of professional experience with a Masters’ degree.
• In addition to specific security clearance requirements all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
• 2 years in Pen Testing and Vulnerability Assessment
• 2-3 years of professional experience in incident detection and response, malware analysis, or cyber forensics.
• Experience with any three of the seven tools listed below:
• Kali Linux
• Metaspoilt
• Burp suite
• Cobalt Strike
• Tenable Nessus
• Web Inspect
• Scuba
• App detective
• PACU
• AWS CLI
• Scout Suite
• Active Top Secret clearance with SCI eligibility

Preferred Qualifications:

• Prior DHS IT security and/or audit experience preferred.
• Prior System Administrator experience a plus.
• Previous IT experience is preferred, specifically 7 years of professional experience in a Computer Science discipline is ideal.
• Penetration testing experience with Kubernetes and or Docker
• Mobile Application penetration testing experience
• Wireless penetration testing experience

• DHS Risk and Vulnerability Assessment (RVA) Operator certified

CLEARANCE REQUIRED:
• Must be have a current Public Trust or Secret clearance. Top Secret/SCI clearance preferred.

• Must be able to obtain and maintain an DHS Entry on Duty (EOD) clearance