Penetration Tester Job at Shedd RS, Washington DC

TUlKZmdwZUVwUERpRjRUTzFtNWloVjZ3bEE9PQ==
  • Shedd RS
  • Washington DC

Job Description

We are looking for a Penetration Tester to join our client’s team on an upcoming Security and Privacy Assessment project in the non-profit telecommunications industry. The Pen Tester will complement risk assessments as ongoing defense against technical security threats of weakness exploitation for the same systems.

This role is hybrid remote with some in-person support required at the customer's location in Washington, DC. This is a direct hire position with a salary range of $120-150k.

Responsibilities Include:
  • Penetration Testing:
    • Conduct annual penetration testing of IT Systems.
    • Ad hoc penetration testing as assigned for targeted applications, subsystems, or in response to emerging threats.
    • Penetration testing for ATO-oriented assessments and ISPCM-oriented assessments.
    • Conduct additional penetration tests as requested to accommodate schedules or ongoing authorization status for an authorized system, as required.
  • Vulnerability Assessment:
    • Analyze and assess potential security risks and vulnerabilities.
    • Conduct vulnerability scans and risk assessments on a variety of platforms.
  • Reporting and Documentation:
    • Document and report findings with clear and actionable recommendations.
    • Prepare detailed penetration testing reports and executive summaries.
  • Security Recommendations:
    • Provide expert guidance on remediation strategies to mitigate identified vulnerabilities.
    • Collaborate with IT and development teams to implement security improvements.
  • Security Research:
    • Stay updated with the latest security trends, threats, and technology developments.
    • Research new attack vectors and develop new testing methodologies.
  • Compliance and Best Practices:
    • Ensure compliance with industry standards and regulations (e.g., PCI-DSS, GDPR, HIPAA).
    • Advocate for security best practices across the organization.
    • Perform testing for OWASP Top Ten
  • Training and Mentorship:
    • Mentor junior penetration testers and provide training to staff on security awareness.
    • Conduct workshops and training sessions to promote security knowledge.
Required Skills, Qualifications, and Experience:
  • Certifications:
    • Must have and maintain at least one of the following current certifications: GIAC Penetration Tester ("GPEN"), Certified Ethical Hacker ("CEH"), CompTIA PenTest+, or Licensed Penetration Tester Master ("LPT").
  • Experience:
    • Minimum of 5 years of professional experience in penetration testing and ethical hacking.
    • Proven track record of conducting successful penetration tests.
  • Technical Skills:
    • Proficiency in using penetration testing tools (e.g., Burp Suite, Metasploit, Nmap).
    • Strong understanding of network protocols, operating systems, and web application security.
    • Experience with scripting languages (e.g., Python, Bash) for automation of tasks.
    • Knowledge of various security frameworks and standards (e.g., OWASP, NIST).
  • Soft Skills:
    • Excellent problem-solving skills and analytical thinking.
    • Strong communication skills, both written and verbal.
    • Ability to work independently and as part of a team.
Preferred Qualifications:
  • Experience in a similar role within a large enterprise or consulting environment.
  • Familiarity with cloud security testing (e.g., AWS, Azure).
  • Experience with mobile application security testing.
  • Advanced knowledge of social engineering techniques.
  • Experience developing Penetration Testing documents, such as scoping documents, ROE and reports.
  • Proficiency in Python programming.
  • Experience in leading internal and external pen tests.
  • Experience in all phases of the Penetration Testing Process.
  • Experience with numerous pen testing tools (Nmap, Burp, curl, wget, Nessus, Nikto, SQLMAP etc.).
  • Experience with database scanning tools.
  • Experience with web application scanning tools.
  • Experience with phishing tools.
  • The ability to write compelling documentation.

Job Tags

Remote job,

Similar Jobs

Just for Kids Preschool and Child Care Center

Two Year Old Teacher Job at Just for Kids Preschool and Child Care Center

 ...care givers of children. We strive to maintain the highest-quality staff, helping you constantly grow and improve. Looking for a full time teacher.. If you have a big heart to help shape little minds, please apply today! We can't wait to welcome you to our school... 

Schneider

CDL-A - Dedicated truck driver - Family Dollar Job at Schneider

 ...weekly Home time: Weekly Experience: All CDL holders Job ID: 220397 Overview ~...  ...payments for inexperienced drivers. ~ Paid orientation. ~ Paid time off after 6...  ...Permit (if interested in company-paid CDL training). Live within 75 miles of Des Moines, IA... 

Apex Fencing

Residential Fence Subcontractor Job at Apex Fencing

 ...Apex Fencing is seeking experienced fence installers! Whether you're an individual or a subcontractor, we welcome your application. Position Overview: Established crews with their trucks and equipment can gross $150,000-$250,000 annually. We even offer equipment... 

Strategic Resolution Experts, Inc.

Operations Research Systems Analyst Job at Strategic Resolution Experts, Inc.

 ...substantial numbers of people. The consultant regularly meets with analysts and specialists within the organization, other staff elements,...  ...solutions to resistance encountered due to organizational conflict, competing objectives, or resource issues.The consultant receives... 

CBRE

Real Estate Manager Job at CBRE

 ...Are you ready to start an exciting career with CBRE? About The Role: As a CBRE Property Management Manager, you will be managing all aspects of a single commercial office property. Oversees all marketing, operations and financial activities. This job is part...