Penetration Tester

  • MCGlobalTech
  • Washington, DC, United States
  • Oct 04, 2017
Part time Test and Evaluation Cyber Defense Analysis Vulnerability Assessment and Management Threat and Exploitation Analyst Cyber Operations

Job Description

The scope of this role includes performing the full cycle of penetration testing engagements – from scoping, through threat modeling, information gathering, discovery, vulnerability assessment, active testing, pivoting and reporting. Your engagements will include internal, external, web, mobile, thick applications and additional environments.

As a Penetration Tester you will be responsible for working closely with other teams at MCG, while testing their application environments. You will exhibit a strong sense of customer obsession while working with those teams in a consulting facility. You will be providing deep security expertise and insight to correctly identify and reflect the security risks and vulnerabilities while working with them on remediation strategies.

Job Responsibilities
– Perform full cycle engagements of penetration testing on business units independently, or as part of a team.
– Configure, run and monitor automated security testing tools
– Perform manual validation of vulnerabilities
– Perform manual penetration testing of client systems, web sites and networks to discover vulnerabilities
– Thoroughly document exploit chain/proof of concept scenarios for client consumption
– Communication skill set to influence client management to prioritize and execute remediation plans
– Ability to develop innovative tools, solutions, processes.

Required Qualifications – Programming experience in Python, PHP, Perl, Ruby, .NET or other interpreted or compiled languages
– Familiarity with vulnerability assessment and penetration best practices
– Experience with vulnerability and penetration testing techniques and tools
– Security testing tools including Metasploit, Nmap, Nessus, Burp Suite
– Linux operating systems
– Microsoft technologies
– Mobile application programming and/or security testing
– Wireless technologies
– Web application technologies
– Source code analysis software
– Intermediate to advanced Microsoft Office Suite (i.e., Word, Excel, PowerPoint)   Desired Qualifications – Network implementation (operational and security)
– Telephony Technologies (analog and IP)
– Social engineering
– Physical security
– Hardware hacking