Penetration Tester

Required Experience:

• A minimum of eight (8) years of experience in analysis and definition of system security requirements.
• A minimum of five (5) years of experience in performing static analysis of applications using different tools and technologies such as Webinspect, Splunk, DbProtect, Nessus, Fortify, AppScan, Veracode, SonarQube.
• A minimum of five (5) years of experience in performing dynamic / customized security analysis of web applications using various tools and technologies to perform penetration testing and identify vulnerabilities/security issues and suggesting remedial measures.
• A minimum of three (3) years of experience in defining computer security requirements for high-level applications and evaluating approved security product capabilities.
• A minimum of two (2) years of experience working with Web Application Firewall (WAF), Content Delivery Network (CDN) tools such as Akamai, Incapsula, AWS WAF, Cloudflare.
• Experience in performing Security Incident Response and Forensics evaluation with SIEM Tools.

Education:

Bachelor's Degree from an accredited college or university in Engineering, Computer Science, Information Systems, Business or other related Discipline.

Certification:

• Active CISM, CISSP, CISA, Ethical hacking, or other Security Certifications

Preferred Qualifications:

• A minimum of five (5) years of specialized experience in defining computer security requirements for high-level applications, evaluation of approved security product capabilities, and developing solutions to MLS problems.
• Demonstrated understanding of information security concepts and regulatory compliance requirements.
• A minimum of seven (7) years of experience with performing security assessment of infrastructure, applications, and static/dynamic code analysis for web applications in Java, JavaScript.
• Experience with assessment and evaluation of information systems to recommend changes, mitigate threats, risks, and vulnerabilities. Conduct Incident Response testing to evaluate processes for detection, response, and reporting of security incidents.
• Experience in developing DISA STIGS, IRS/CIS Benchmark style hardening checklists to establish system security baseline documentation.
• Experience with administering and maintaining all security architecture technology solutions including SIEM, vulnerability management, anti-virus management, database monitoring and encryption, IDS/IPS, Data Loss Prevention, and Web Application Firewall.
• A minimum of four (4) years of experience in managing computer systems and utilizing Tenable Security Center to manage security vulnerabilities and compliance configurations.
• Experience as a Certified Ethical Hacker.
• Experience with network implementation of Cisco Routers & Switches, CISCO ASA & Fortinet Firewall.
• A minimum of five (5) years hands-on experience in implementing Minimum Acceptable Risk Standards for Exchange (MARS-E 2.0) based on NIST SP 800-53 rev4 Security and Privacy Controls.
• A minimum of five (5) years hands-on experience in NIST SP 800-37 applying Risk Management Framework.
• ITIL v3 or equivalent Certification, ISCC certification.
• Experience working and developing with PMO processes, policies and procedures.

Benefits:

• Medical insurance
• Dental Insurance
• Vision Insurance
• Flexible Spending Account (FSA) You may elect to participate in the FSA plan
• Health Savings Account (HSA) If you elect to participate in an HDHP plan, you can enroll in the available HSA Program.
• 401K and Retirement Savings Account
• Annual Bonus and Profit Sharing Based upon individual performance, client feedback, and business development results
• Vacation Company paid vacation and federal holidays followed by the client
• Voluntary Disability Insurance Both short and Long-term disability insurance is optional
• Training An abundance of training resources can be found on the Employee Service Center.

ATD Technology, LLC is a certified minority woman owned business that creates opportunities to match qualified individuals with client programs while meeting all parties' financial and technical goals. ATD is a full service provider with offerings in Contract, Permanent and Temp-to-Perm staffing solutions. We serve Fortune 1000, mid cap and small cap companies in the Commercial, Public and Government sectors.