Penetration Tester jobs in United States, Virginia, Arlington
EY Government Public Sector - Cybersecurity Junior Penetration ... United States, Virginia, Arlington
Share
Your key responsibilities
As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities.
Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.
Skills and attributes for success
- Perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing.
- Execute red team scenarios to highlight gaps impacting organizations security postures.
- Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
- Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
- Perform in-depth analysis of penetration testing results and create reports that describe findings, exploitation procedures, risks and recommendations.
- Execute penetration testing projects using the established methodology, tools and rules of engagements.
- Convey complex technical security concepts to technical and non-technical audiences including executives.
To qualify for the role, you must have
- A bachelor's degree and at least 2+ years of related work experience
- Experience with manual attack and penetration testing
- Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.).
- Updated and familiarized with the latest exploits and security trends
- Experience leading a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
- Familiarity to perform network penetration testing that involves avoiding detection and common alert thresholds on endpoints and security tooling
- Any two of the following certifications or courses: GSE, OSCP, OSWP, GPEN, GWAPT,OSED, OSEE, GXPN, GRTP, CRTP, GDAT, GREM, SEC670, SEC699, or SEC760
- Must be able to work onsite 5 days a week
- Must have an active aTop Secret-levelclearance and able to maintain
Ideally, you'll also have
- A bachelor's degree in computer science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field
- Experience with penetration testing
- Knowledge of Windows, Linux, Unix, any other major operating systems
- Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends in Cloud implementations
- Deep understanding of TCP/IP network protocols
- Deep understanding and experience with various Active Directory attack techniques
- Understanding of network security and popular attacks vectors
- An understanding of web-based application vulnerabilities (OWASP Top 10)
What we offer you
- We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $81,700 to $134,700. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $98,100 to $153,100. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
- Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
- Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
These jobs might be a good fit
EY Government Public Sector - Cybersecurity Penetration Tester ... United States, Virginia, Arlington
Share
Your key responsibilities
As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities.
Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.
Skills and attributes for success
- Perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing.
- Execute red team scenarios to highlight gaps impacting organizations security postures.
- Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
- Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
- Perform in-depth analysis of penetration testing results and create reports that describe findings, exploitation procedures, risks and recommendations.
- Execute penetration testing projects using the established methodology, tools and rules of engagements.
- Convey complex technical security concepts to technical and non-technical audiences including executives.
To qualify for the role, you must have
- A bachelor's degree and at least 2+ years of related work experience
- Experience with manual attack and penetration testing
- Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.).
- Updated and familiarized with the latest exploits and security trends
- Experience leading a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
- Familiarity to perform network penetration testing that involves avoiding detection and common alert thresholds on endpoints and security tooling
- Any two of the following certifications or courses: GSE, OSCP, OSWP, GPEN, GWAPT,OSED, OSEE, GXPN, GRTP, CRTP, GDAT, GREM, SEC670, SEC699, or SEC760
- Willingness to be onsite 5 days a week
- Must have an active TS SCI clearance level and able to maintain
- Must be willing to work on-site 5 days a week as needed by the client in the greater Washington, DC area
Ideally, you'll also have
- A bachelor's degree in computer science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field
- Experience with penetration testing
- Knowledge of Windows, Linux, Unix, any other major operating systems
- Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends in Cloud implementations
- Deep understanding of TCP/IP network protocols
- Deep understanding and experience with various Active Directory attack techniques
- Understanding of network security and popular attacks vectors
- An understanding of web-based application vulnerabilities (OWASP Top 10)
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
These jobs might be a good fit
Capital One Principal Associate Penetration Tester United States, Virginia, Arlington
Share
Primary responsibilities for this position include:
Perform penetration testing of APIs, web applications, networks, and cloud services, as well as related applications and infrastructure.
Assess Capital One’s development practices and help drive corporate security standards.
Help triage and test application responsible disclosure findings and newly disclosed vulnerabilities.
Work with developers to improve the Software Development Lifecycle (SDLC) for applications.
Basic Qualifications:
High School Diploma, GED or equivalent certification
At least 3 years of experience working in cybersecurity or information technology
At least 2 years of Penetration Testing experience
At least 1 year of experience with public cloud environments (AWS, Azure, GCP)
Preferred Qualifications:
Bachelor's Degree
5+ years of security testing experience (red teaming, cloud security, application security, or network security)
5+ years of experience with threat modeling concepts and frameworks (CVSS, MITRE ATT&CK, DREAD, or STRIDE)
Penetration testing experience with Internet of Things (IoT) devices, mobile applications, or code review.
Development experience with commonscripting/programminglanguages such as Python, Golang, and C#.
. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
These jobs might be a good fit
Capital One Compliance Tester III Principal Associate United States, Virginia, Arlington
Share
Job Description:
Responsibilities will include:
Under the leadership of a team leader, execute targeted transaction or control testing for applicable regulatory requirements.
Manage testing schedules to ensure all tasks and reporting are completed within established timeframes.
Analyze data from multiple sources and systematically document the work and results.
Support management and review transaction and control tests executed by peers for accuracy and adherence to testing methodology.
Participate in Annual Planning.
Establish and maintain strong relationships with Compliance Advisors and Business areas as needed.
Assist in communicating results to Compliance Officers, Advisors and Business areas, as needed.
Basic Qualifications:
High school diploma, GED, or equivalent certification
At least 3 years of experience testing or monitoring in a compliance department for an institutional broker dealer or a swap dealer, or at least 3 years of experience performing a compliance advisory role, or at least 3 years of experience at a regulator.
Preferred Qualifications:
Bachelor's degree in Auditing, Accounting, Finance, Economics, Information Systems, or Business Administration
4+ years of experience testing or monitoring
4+ years of experience as a compliance advisor in a compliance department for an institutional broker dealer or swap dealer
4+ years of experience with NFA, FINRA SEC or CFTC
Proficient knowledge of swaps (interest rate, or foreign exchange, or commodities), or derivatives or futures
Proficient knowledge of CFTC, NFA, SEC, FINRA, and FDPA regulations.
*At this time, Capital One will not sponsor a new applicant for employment authorization for this position.
McLean, VA: $117,300 - $133,900 for Compliance Tester III Plano, TX: $106,700 - $121,700 for Compliance Tester III Richmond, VA: $106,700 - $121,700 for Compliance Tester IIIThis role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI). Incentives could be discretionary or non discretionary depending on the plan.. Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation, please contact Capital One Recruiting at 1-800-304-9102 or via email at . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
These jobs might be a good fit
Share
Your key responsibilities
As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities.
Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.
Skills and attributes for success
- Perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing.
- Execute red team scenarios to highlight gaps impacting organizations security postures.
- Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.
- Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.
- Perform in-depth analysis of penetration testing results and create reports that describe findings, exploitation procedures, risks and recommendations.
- Execute penetration testing projects using the established methodology, tools and rules of engagements.
- Convey complex technical security concepts to technical and non-technical audiences including executives.
To qualify for the role, you must have
- A bachelor's degree and at least 2+ years of related work experience
- Experience with manual attack and penetration testing
- Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.).
- Updated and familiarized with the latest exploits and security trends
- Experience leading a technical team to conduct remote and on-site penetration testing within defined rules of engagement.
- Familiarity to perform network penetration testing that involves avoiding detection and common alert thresholds on endpoints and security tooling
- Any two of the following certifications or courses: GSE, OSCP, OSWP, GPEN, GWAPT,OSED, OSEE, GXPN, GRTP, CRTP, GDAT, GREM, SEC670, SEC699, or SEC760
- Must be able to work onsite 5 days a week
- Must have an active aTop Secret-levelclearance and able to maintain
Ideally, you'll also have
- A bachelor's degree in computer science, Cybersecurity, Information Systems, Information Technology, Engineering, or a related field
- Experience with penetration testing
- Knowledge of Windows, Linux, Unix, any other major operating systems
- Familiarity with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation and security trends in Cloud implementations
- Deep understanding of TCP/IP network protocols
- Deep understanding and experience with various Active Directory attack techniques
- Understanding of network security and popular attacks vectors
- An understanding of web-based application vulnerabilities (OWASP Top 10)
What we offer you
- We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $81,700 to $134,700. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $98,100 to $153,100. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
- Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year.
- Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
These jobs might be a good fit
