Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

IBM Penetration Tester 
United States, Virginia, Reston 
543816217

29.07.2024

Your Role and Responsibilities

As a Senior Penetration Tester you will be supporting the mission of a progressive Federal agency. You will perform vulnerability assessments and penetration testing following the customer’s prescribed scope to target, assess, and exploit risk and vulnerabilities of information systems and inform strategic decisions. The successful candidate will be able to conduct hands-on penetration testing, analyze test results and recommend changes and countermeasures to enhance enterprise security.

This program will support our US Customs and Immigration Services Cyber Security Defense Services Contract that provides support to Security Engineering Branch of Information Security Division (ISD) of USCIS. We protect USCIS’ IT infrastructure and resources, information systems, and the information that is used in these environments from cybersecurity threats.


Required Technical and Professional Expertise

  • Experience with end to end testing, including applying adversarial and computer attack methods and system exploitation techniques.
  • Experience with penetration testing tools such as Nmap, fluff, Metasploit, Kali Linux, Core Impact , Immunity Canvas.
  • Experience applying Linux, Windows, and virtual platforms security principles.
  • Working knowledge of one or more of the following programming languages: Java, PHP, Perl, Python, Ruby, PowerShell ,Go .
  • US Citizen and able to obtain a Government Agency clearance
  • Certifications: Must have ONE of the following active certifications:
  1. Exploit Researcher and Advanced Penetration Tester (GXPN)
  2. Offensive Security Certified Expert (OSCE)
  3. Offensive Security Certified Professional (OSCP), Offensive Security Exploitation Expert (OSEE)


Preferred Technical and Professional Expertise

  • Identifying false-positives, documenting system risks, test plans, procedures, and results.
  • Linux, Windows, and virtual platforms security principles.
  • Communicating vulnerability results and risk posture to senior executives.