Jul 3
Top Secret
Mid Level Career (5+ yrs experience)
IT - Security
ATL, GA (On-Site/Office)
BluOmega is looking for a Top Secret Cleared Penetration Tester to join our Cyber Solutions Practice in Atlanta, Ga and support a federal customer. Qualified candidates should have experience in software assurance, penetration testing with a range of automated tools, security patch management, secure cloud, and hybrid engineering and possess an active Top Secret.
Responsibilities:
• Perform penetration testing, software assurance, and vulnerability assessment in support of HHS customers.
• Interpret penetration testing results to identify and recommend corrective actions and/or mitigation strategies.
• Produce and deliver reports on individual and enterprise software assurance efforts, working with service providers and individual programs/systems. Deliverable: Software Assurance Reports.
• Identify and address security implications during software acceptance activities, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
• Perform security test assessments in support of HHS and system-specific software assurance efforts, working with service providers and individual programs.
• Collaborate with DevSecOps team participants from other organizations to integrate information assurance and cybersecurity needs and practices on a continuous basis throughout Agile development activities including, but not limited to: requirements, design, implementation, testing, and delivery of new IT solutions, applications, services, and systems, or updating and enhancing existing ones.
• Perform and document vulnerability assessments of Government-identified HHS systems (Deliverable: Vulnerability Assessment Reports).
• Performs social engineering tests; analyzes technical security weaknesses; performs risk analyses; and develops exploits.
• Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption.
• Develops tools, techniques, training and countermeasures for computer and network vulnerabilities, data hiding and encryption.
• Annually review and update, as needed, all security configurations within automated DevSecOps tools and manual processes to ensure compliance with IC policy. Upon government approval, implement changes to processes and technologies for penetration testing, software assurance, and vulnerability assessment activities, and report metrics in Monthly Status Reports.
Required Qualifications:
• Must have at least 6 years of penetration testing experience and 8 years of general work experience.
• Active Top Secret w/ ability to obtain SCI clearance if required
• This position requires a badge and/or clearance that requires an extensive background, credit, and drug screening check.
Desired Qualifications:
• Cyber security certifications as a Certified Ethical Hacker (CEH), OSCP, GPEN, or equivalent are preferred but not required.
• Proficient in the use of Nessus Security Center, Wireshark, Web Application Scanning, Penetration Testing, BurpeSuite, Kali linux, and similar tools. Must have recent Software Assurance experience. Metasploit experience is preferred.
• Linux and Cisco Routing and Switching experience.
• Bachelor's Degree or Master's Degree in a technology discipline from an accredited university.
• A Master’s Degree may be substituted for 4 years of general work experience.
Salary Band:
$60-$80w2
Responsibilities:
• Perform penetration testing, software assurance, and vulnerability assessment in support of HHS customers.
• Interpret penetration testing results to identify and recommend corrective actions and/or mitigation strategies.
• Produce and deliver reports on individual and enterprise software assurance efforts, working with service providers and individual programs/systems. Deliverable: Software Assurance Reports.
• Identify and address security implications during software acceptance activities, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
• Perform security test assessments in support of HHS and system-specific software assurance efforts, working with service providers and individual programs.
• Collaborate with DevSecOps team participants from other organizations to integrate information assurance and cybersecurity needs and practices on a continuous basis throughout Agile development activities including, but not limited to: requirements, design, implementation, testing, and delivery of new IT solutions, applications, services, and systems, or updating and enhancing existing ones.
• Perform and document vulnerability assessments of Government-identified HHS systems (Deliverable: Vulnerability Assessment Reports).
• Performs social engineering tests; analyzes technical security weaknesses; performs risk analyses; and develops exploits.
• Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption.
• Develops tools, techniques, training and countermeasures for computer and network vulnerabilities, data hiding and encryption.
• Annually review and update, as needed, all security configurations within automated DevSecOps tools and manual processes to ensure compliance with IC policy. Upon government approval, implement changes to processes and technologies for penetration testing, software assurance, and vulnerability assessment activities, and report metrics in Monthly Status Reports.
Required Qualifications:
• Must have at least 6 years of penetration testing experience and 8 years of general work experience.
• Active Top Secret w/ ability to obtain SCI clearance if required
• This position requires a badge and/or clearance that requires an extensive background, credit, and drug screening check.
Desired Qualifications:
• Cyber security certifications as a Certified Ethical Hacker (CEH), OSCP, GPEN, or equivalent are preferred but not required.
• Proficient in the use of Nessus Security Center, Wireshark, Web Application Scanning, Penetration Testing, BurpeSuite, Kali linux, and similar tools. Must have recent Software Assurance experience. Metasploit experience is preferred.
• Linux and Cisco Routing and Switching experience.
• Bachelor's Degree or Master's Degree in a technology discipline from an accredited university.
• A Master’s Degree may be substituted for 4 years of general work experience.
Salary Band:
$60-$80w2
group id: 91121246
