Penetration Tester / Security Assessor
$90k - $109kASM Research, An Accenture Federal Services Company
Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate data and cyber security risks. Designs and develops acceptance criteria for cybersecurity architecture.
Perform infrastructure penetration testing to discover and exploit vulnerabilities to test the effectiveness of the organization's security posture.
Perform web application penetration testing to identify and exploit OWASP Top 10 web application vulnerabilities.
Leverage threat intelligence to emulate known threat actors' tactics, techniques, and procedures.
Partner with various cybersecurity teams to improve automation and detection of threat actors.
Engage with technical and non-technical audiences to articulate both techniques and results.
Minimum Qualifications
Bachelor's Degree in Computer Science or a related field or equivalent experience.
5-10 years of experience in systems security with a minimum of 2+ years in information security, penetration testing, or ethical hacking.
Other Job Specific Skills
Must possess demonstrated experience planning and conducting penetration tests against networks and web applications.
Demonstrated experience conducting vulnerability assessments and penetration tests.
Expertise with tools such as Bloodhound, Burp Suite, Cobalt Strike, Metasploit, and Mimikatz.
Hands-on experience with penetration testing tools and frameworks.
Portfolio of security assessments or CTF achievements (preferred).
Experience with network scanning, enumeration, and exploiting vulnerabilities.
Proficiency in Windows, Linux, and macOS environments.
Understanding of system hardening techniques and common misconfigurations.
Knowledge of programming languages like Python, Ruby, or JavaScript for creating custom scripts and exploits.
Familiarity with bash, PowerShell, or other scripting languages for automation.
Understanding of web technologies, including HTML, JavaScript, and SQL.
Preferred Skills
Experience in identifying and exploiting vulnerabilities in web applications, networks, and systems.
Familiarity with CVSS (Common Vulnerability Scoring System) and understanding how to prioritize vulnerabilities based on risk.
Ability to analyze and critique code for security vulnerabilities.
Familiarity with common vulnerabilities such as SQL injection, XSS (Cross-Site Scripting), CSRF (Cross-Site Request Forgery), and buffer overflows.
Strong understanding of network protocols, architecture, and components (e.g., TCP/IP, DNS, VPNs, firewalls, routers, switches).
Compensation Ranges
Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.
Physical Requirements
The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.
Disclaimer
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
$90k - $109k
EEO Requirements
It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.
All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.
- ...deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide. Job Description Overview SOSi is seeking a Penetration Tester III to support proactive cyber defense activities in alignment with our customer....SuggestedContract workWork at officeWorldwideMonday to FridayWeekend workAfternoon shift
SOSi
Washington DC3 days ago - ...Organization Vice President Drive the security of critical banking applications and... ...will be to plan, execute, and report on penetration tests targeting high-impact applications... ...penetration test reports and mentoring junior testers. ~ Continuous learner who keeps up...Suggested
Chase
Washington DC5 days ago - ...Clearance Certifications: Holds or is working toward penetration testing and offensive security certifications appropriate for DoD environments, such... ...Description: PingWind is seeking a Penetration Tester responsible for supporting authorized penetration...SuggestedTemporary workFlexible hours
PingWind Inc
Alexandria, VA1 day ago $40 per hour
...firm is looking for experienced cybersecurity professionals to join their remote team. In this role, you will evaluate AI-generated security content and solve technical problems to train AI models. Seeking candidates with 2+ years of hands-on experience in cybersecurity,...SuggestedHourly payRemote workFlexible hoursDataAnnotation
Washington DC8 days ago$40 per hour
...training firm is seeking experienced cybersecurity professionals for a remote position. In this role, you will evaluate AI-generated security content and solve technical cybersecurity problems. Candidates should have at least 2 years of experience, some coding capability,...SuggestedHourly payRemote workDataAnnotation
Washington DC3 days ago- A cybersecurity service provider is seeking a Penetration Tester to support authorized penetration testing and security assessments. Responsibilities include executing tests, documenting findings, and verifying remediation. Candidates must hold a BS/BA degree and have 5...
- ...| Washington DC | Wilmington DE. Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling... ...team, your primary responsibility will be performing hands on penetration testing of some of JPMC’s most critical applications,...Worldwide
$100k - $200k
...Systems Interoperability Tester Position Description: CGI Federal has an exciting opportunity for a Systems Interoperability Tester within our Intel sector advancing the national security mission through cutting edge technology. You must have a passion for keeping pace...Navstar
Arlington, VA5 days ago- Direct experience in NIST security control assessments Direct experience in System Security Plan (SSP) development Direct experience conducting or supporting NIST-based risk assessments Demonstrated success interfacing directly with system owners and executive management...
- TLA is seeking a Security Assessor for evaluating the effectiveness of security measures and controls within the organization's information... ...tools and manual techniques (e.g., vulnerability scanning, penetration testing, code review) to identify security weaknesses, document...Work experience placement
$76.4k - $138.6k
...more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting...Summer holidayLocal areaFlexible hoursEY
Washington DC1 day ago- ...Senior Strategic Consultant - DOS Training Security Engineering Dexis is a dynamic professional services firm dedicated to partnering with government and community leaders both in the U.S. and internationally to achieve critical social outcomes in a rapidly changing...Contract workWork at office
Dexis Consulting Group
Washington DC5 days ago $159.3k - $202.4k
...Amazon's Threat Hunting team is looking for a Security Engineer, Threat Hunting who is excited by the idea of searching for and uncovering... ...vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent PREFERRED...Flexible hoursShift workAmazon
Arlington, VA4 days ago$178.4k - $226.7k
...Corporate Services Security (CPSS) is the Amazon security team aligned with Finance & Global Business Services (FGBS), People eXperience & Technology (PXT), Legal and Global Communications and Community Impact (GCCI) business units. Our Mission is to protect and safeguard...InternshipFlexible hoursAmazon
Arlington, VA4 days ago$159.3k - $202.4k
...Description Amazon Healthcare Security's (HealthSec) AI team is hiring a Security Engineer II to secure GenAI applications and enable secure AI adoption across Amazon Health Services (AHS). You will work at the intersection of AI for Security and Security for AI—securing...Flexible hoursAmazon
Arlington, VA5 days ago$237.6k - $297k
...We are seeking a highly technical Security Engineer to join our Product Security team. This role is integral to ensuring the security and integrity of our products and services. You will conduct in-depth code reviews, implement security best practices, and influence the...Full timeScale AI
Washington DC3 days ago$136k - $184k
...At Amazon Healthcare Security, we are on a mission to make healthcare secure and easy. We are developing a patient-centric healthcare... ...security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent -...Temporary workInternshipFlexible hoursAmazon
Arlington, VA5 days ago$104k - $156k
...Posting Type Remote/Hybrid Job Overview As an Advanced Security Engineer focused on Endpoint Security, you will design, build,... ...Required Skills: Endpoint Security, Network Security, Penetration Testing, Security Architecture Design, Security Automation,...Remote workRelativity
Washington DC3 days ago- ...Senior System Security Administrator HCRC is seeking a Senior System Security Administrator to join our team and contribute to the success of our mission-critical security operations. The ideal candidate is a detail-oriented, resilient professional with a strong background...Work experience placement
Human Capital Resources and Concepts
Washington DC5 days ago $86.8k - $198k
...Cybersecurity (ECS) Red Team, you will take on a specialized role as a penetration tester, working directly with new products in development to identify vulnerabilities and reinforce our security posture. This unique opportunity allows you to lead dynamic penetration...Full timeContract workPart timeWork at officeLocal areaRemote work- ...Bachelor’s degree in Cybersecurity or a related field, with 3-6 years of relevant experience. Preferred certifications include CompTIA Security+, CISSP, and CEH. The position offers the opportunity to work in a federal environment while ensuring compliance to critical...
$134.6k - $184.5k
...across the U.S. This role requires approximately 10-15 years of experience, and expertise in technical architecture, especially with security solutions like Microsoft Defender and CrowdStrike. Candidates must possess strong interpersonal and communication skills, and be...Remote workOptiv
Arlington, VA3 days ago$93k - $111k
...Security System Administrator Versar has a unique opportunity for self-motivated security professionals, able to work independently to meet deadlines and response times, and in support of important missions within the Federal Government. Versar requires highly skilled...Full timeLocal areaVersar
Washington DC4 days ago$104k - $166k
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver...Full timeContract workTemporary workInterim roleCurrently hiringWork at officeLocal areaShift work$125k - $145k
...Perform network and media digital forensic investigations to support cybersecurity incident response, threat analysis, and enterprise security operations. Conduct advanced threat hunting activities across enterprise infrastructure to identify malicious activity,...Full timeContract workFlexible hours2 days per week3 days per week$62k - $141k
Job Number: R0238924 Enterprise Cybersecurity Penetration Tester and Operator, Mid The Opportunity As a member of the Booz Allen internal... ...system‑focused network and penetration assessments to identify security risks within applications, security controls, and network...Contract workLocal area$101k - $152k
Applied Information Sciences, Inc in Alexandria, Virginia is seeking a Senior Security Engineer to conduct comprehensive digital forensic examinations across various systems. This role includes responsibility for incident management, malware analysis, and deep investigations...Contract work- ...forensic laboratory environment supporting active law enforcement and regulatory investigations. This position ensures the availability, security, and forensic integrity of systems, tools, and infrastructure used to collect, process, analyze, and preserve digital evidence in...
- ...Graduate Engineer, Electronic Security Engineer Together, we own our company, our future, and our shared success. As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities...
Black & Veatch
Arlington, VA4 days ago $110k - $170k
...About the Role: Innovative Defense Technologies (IDT), a leading defense technology company, is seeking a Senior Information System Security Officer (ISSO) to be part of our Security team and based out of our Arlington, VA location. The Senior Information System...Full timeWork at officeImmediate startInnovative Defense Technologies
Arlington, VA3 days ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Penetration Tester / Security Assessor. Be the first to apply!
