Title: Penetration Tester
Location: Ashburn, VA
Duration: Full Time
We are seeking a skilled Penetration Tester with extensive experience in testing applications, networks, and databases. The ideal candidate should have proficiency in both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), along with expertise in conducting code reviews. Familiarity with modifying attacks and exploits, leveraging Metasploit modules, is essential.
Key Requirements:
- Proven experience in penetration testing of applications, networks, and databases.
- Proficiency in Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST).
- Ability to perform thorough code reviews to identify vulnerabilities and security issues.
- Experience in modifying attacks and exploits, utilizing Metasploit modules effectively.
- Strong scripting skills in Python, Bash, and other scripting languages for automation and tool development.
- In-depth knowledge of OWASP Top 10 vulnerabilities and mitigation techniques.
- Familiarity with various security assessment tools and techniques for comprehensive testing.
- Capability to generate detailed reports outlining findings, risks, and recommendations for remediation.
- Excellent communication skills, with the ability to collaborate effectively with cross-functional teams and clients.
- Relevant certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), or similar certifications are preferred.
Additional Skills (Optional):
- Experience with cloud security assessments (AWS, Azure, GCP).
- Familiarity with container security and Kubernetes.
- Knowledge of mobile application security testing (Android/iOS).
- Understanding of threat modeling and risk assessment methodologies.
