Yesterday
Secret
Unspecified
Unspecified
IT - QA and Test
Arlington, VA (On-Site/Office)
Tyto Athene is searching for a Lead Penetration Tester to support our customer in Arlington, Virginia.
Responsibilities:
* Conduct vulnerability assessments
* Carry out penetration tests, perform social engineering tests
* Analyze technical security weaknesses
* Perform risk analyses and develop exploits
* Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption
* Develop tools, techniques, training, and countermeasures for computer and network vulnerabilities, data hiding, and encryption.
Required:
* Bachelor's degree in Computer Science, Information Technology, or related field and 15 years of relevant experience or a Masters Degree and 11 years
* Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database, and operating systems.
* Security, Software Development, Networking, and/or Systems Administrator Experience
* Understanding of 3-tiered Web Applications and Mobile Application Architectures
* Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS, XXE, exploit creation)
* Must have Commercial Web Application Tool Experience (i.e. BurpSuite, AppScan, WebInspect)
* Network Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra, John)
* Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment
Desired:
* Certifications Preferred (Not Required):
* PNPT - Practical Network Penetration Tester
* OSCP - Offensive Security Certified Professional
* CRTO - Certified Red Team Operator
* CRTP - Certified Red Team Professional
* Web Services Security Penetration Testing Experience
* Commercial Network Penetration Testing Tool Experience (i.e. Metasploit and Cobaltstrike)
* Experience with Open Source Tools (i.e. Powershell Empire, PowerSploit, Impacket, Rubeus and Mimikatz)
* Software Development and/or Scripting Experience in PowerShell, .NET, C++, Java, C#, perl, python or bash
* Experience with Virtual Machine technologies
* Database Experience (DBA or security penetration testing)
* Source Code Review (aka Static Code Analysis) experience
* Good technical writing skills and attention to detail
Clearance:Active Secret clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Responsibilities:
* Conduct vulnerability assessments
* Carry out penetration tests, perform social engineering tests
* Analyze technical security weaknesses
* Perform risk analyses and develop exploits
* Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption
* Develop tools, techniques, training, and countermeasures for computer and network vulnerabilities, data hiding, and encryption.
Required:
* Bachelor's degree in Computer Science, Information Technology, or related field and 15 years of relevant experience or a Masters Degree and 11 years
* Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database, and operating systems.
* Security, Software Development, Networking, and/or Systems Administrator Experience
* Understanding of 3-tiered Web Applications and Mobile Application Architectures
* Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS, XXE, exploit creation)
* Must have Commercial Web Application Tool Experience (i.e. BurpSuite, AppScan, WebInspect)
* Network Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra, John)
* Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment
Desired:
* Certifications Preferred (Not Required):
* PNPT - Practical Network Penetration Tester
* OSCP - Offensive Security Certified Professional
* CRTO - Certified Red Team Operator
* CRTP - Certified Red Team Professional
* Web Services Security Penetration Testing Experience
* Commercial Network Penetration Testing Tool Experience (i.e. Metasploit and Cobaltstrike)
* Experience with Open Source Tools (i.e. Powershell Empire, PowerSploit, Impacket, Rubeus and Mimikatz)
* Software Development and/or Scripting Experience in PowerShell, .NET, C++, Java, C#, perl, python or bash
* Experience with Virtual Machine technologies
* Database Experience (DBA or security penetration testing)
* Source Code Review (aka Static Code Analysis) experience
* Good technical writing skills and attention to detail
Clearance:Active Secret clearance required
Certification: DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.
Location: This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.
After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.
Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
group id: 91085617
