Penetration Tester

WarCollar Industries

We are a Veteran-Owned small business providing Technical Operation’s support and Cyber Security solutions to civilian and government clientele.

Benefits
Salary:
We offer competitive compensation packages with plenty of opportunities for advancement.

Health Insurance:

WarCollar pays 100% of the premiums for employee and dependent's health insurance, including medical, dental, and vision. Life insurance, short term and long term disability are also 100% paid by WarCollar.

401K Program:
WarCollar offers 3% Safe Harbor match and up to 6% profit sharing for 401K participants. All company contributions are 100% vested immediately.

Leave:

At WarCollar, you accrue leave at 10% of the hours you bill. To be clear: if you work 100 hours, you accrue 10 hours of leave. Leave in excess of 40 hours is generally bought back at the end of the year almost like a bonus. Speaking of bonuses...

Bonus:

You are eligible for two bonuses a year, one in July and one in December.

Educational Reimbursement:

Every employee is eligible for $5,000 for educational reimbursement.

Government Shutdown Protection:

If the government shuts down for any reason, WarCollar will cover your time off up to 5 business days a year.



Penetration Tester Herndon, VA


A penetration tester shall be capable of performing complex assessments while maintaining a focus on meeting client requirements. A Penetration tester also contributes to the development and continuous improvement of the Security Assessment practice through various team and industry contributions.

Job responsibilities:

1. Assess an organization’s network security posture through the use of automated tools and manual techniques to identify and verify common security vulnerabilities

2. Use creative approaches to identify vulnerabilities that are commonly missed in security assessments

3. Exploit vulnerabilities and identify specific, meaningful risks to clients based on industry and business focus

4. Perform complex wireless attacks both against wireless clients and access points

5. Use social engineering techniques to obtain sensitive information, network access and physical access to client sites



Desired Qualifications:

1. Experience performing Vulnerability Assessments, Penetration Tests, Wireless Security Assessments and and/or Social Engineering including:
a. Network Vulnerability Assessments
b. Penetration Tests
c. Wireless Network Security Assessments
d. Social Engineering (Telephony, onsite and remote pre-texting, spear phishing, etc.)
e. Product/Hardware Security Assessments
f. Web application Vulnerability Assessments (SQLi, XSS, Session management issues, etc.)

2. Experience in a consulting services role, or related information security positions

3. Bachelor’s Degree from a four-year college or university; or equivalent combination of education and experience

4. OSCP, OSCE, GIAC, CISSP certifications preferred

5. Ability to combine multiple separate findings to identify complex blended vulnerabilities

6. Ability to identify, describe and report of overall information system risk to clients through post-exploitation activities required.

7. Mastery of commercial and open source security tools required (e.g. Nessus, Nexpose, SAINT, Qualys, Burp, Nmap, Kali, Metasploit, Meterpreter, Wireshark, Kismet, Aircrack-ng etc.)

8. Familiarity with many different network architectures, network services, system types, network devices, development platforms and software suites required (e.g. Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET, etc.) required.

9. Strong programming skills preferred (Python, Ruby, Node.js, C/C++, Assembly, etc.) 21. Reverse engineering/Binary analysis experience (firmware, x86 applications, etc.) preferred.


















Location
Herndon VA
Position Id
201022
Date Posted
6/03/2018
Apply With