Penetration Tester

Penetration Tester - Intermediate

We are seeking a Penetration Tester - Intermediate to join our Defense Logistics Agency (DLA) Team.

TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. "Technology moving at the speed of thought" embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.

We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays.

The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation.

By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP".

As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration.

Responsibilities

Under general supervision, perform penetration testing of applications, systems, and network enclaves to identify security weaknesses and vulnerabilities. Assess enterprise systems using offensive cybersecurity techniques and provide actionable recommendations to reduce risk and improve the organization's overall cybersecurity posture.

Conduct application, network, and wireless penetration testing in accordance with approved methodologies and rules of engagement.

Identify security flaws in computing platforms, applications, and network architectures and develop mitigation strategies to address identified risks.

Apply offensive cybersecurity testing techniques, including manual and automated testing methods.

Coordinate penetration testing activities and schedules with internal stakeholders, system owners, and external partners as required.

Perform network vulnerability assessments and exploitation testing across on-premises and enclave-based environments.

Execute wireless security assessments, including identification of rogue access points and insecure configurations.

Analyze test results and document findings, including severity, impact, and recommended remediation actions.

Prepare and deliver technical assessment reports and briefings to leadership and technical teams.

Support compliance-driven testing efforts, including PCI DSS and other applicable security standards.

Contribute to continuous improvement of enterprise cybersecurity posture through lessons learned and testing feedback.

Required Qualifications

Secret – IT-II (Tier 3) Non-Critical Sensitive Clearance

Possess a certification in penetration testing, such as:

• Licensed Penetration Tester (LPT)
• Certified Expert Penetration Tester (CEPT)
• Certified Ethical Hacker (CEH)
• Global Information Assurance Certification Penetration Tester (GPEN)

Minimum of 3 years of demonstrated experience performing vulnerability assessments and penetration testing.

Minimum of 2 years of experience conducting network vulnerability assessments and penetration testing methodologies.

Two Years experience with testing tools including NESSUS, METASPLOIT, CANVAS, NMAP, Burp Suite and Kismet.

Minimum of 1 year of experience authoring formal penetration testing or security assessment reports.

Minimum of 2 years of experience using, administering, and troubleshooting Linux operating systems.

Minimum of 2 years of experience using, administering, and troubleshooting Windows Server or Linux servers, including IIS or Apache.

Technical Skills & Knowledge

Proficiency with penetration testing and assessment tools, including Nessus, Metasploit, CANVAS, Nmap, Burp Suite, and Kismet.

Strong understanding of TCP/IP protocols, networking concepts, and network architectures.

Knowledge of open security testing standards and projects, including OWASP.

Understanding of PCI DSS testing requirements.

Knowledge of database, application, and web server design and implementation.

Experience with wireless LAN security testing methodologies and tools.

Experience scripting in one or more of the following languages: Perl, Python, Ruby, Bash, or Java.

Communication Skills

Demonstrated written documentation and oral presentation skills.

Ability to clearly communicate technical findings to both technical and non-technical audiences.