Job DescriptionTyto Athene is searching for aMid-Level Penetration Testerto support our customer in Arlington, Virginia.Responsibilities:
- Conduct vulnerability assessments
- Carry out penetration tests, perform social engineering tests
- Analyze technical security weaknesses
- Perform risk analyses and develop exploits
- Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption
- Develop tools, techniques, training, and countermeasures for computer and network vulnerabilities, data hiding, and encryption.
Required:
- Bachelor's degree in Computer Science, Information Technology, or related field and 8 years of relevant experience or a Masters degree and 4 years.
- Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database, and operating systems.
- Security, Software Development, Networking, and/or Systems Administrator Experience
- Understanding of 3-tiered Web Applications and Mobile Application Architectures
- Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS, XXE, exploit creation)
- Must have Commercial Web Application Tool Experience (i.e. BurpSuite, AppScan, WebInspect)
- Network Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra, John)
- Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment
Desired:
- Certifications Preferred (Not Required):
- PNPT - Practical Network Penetration Tester
- OSCP - Offensive Security Certified Professional
- CRTO - Certified Red Team Operator
- CRTP - Certified Red Team Professional
- Web Services Security Penetration Testing Experience
- Commercial Network Penetration Testing Tool Experience (i.e. Metasploit and Cobaltstrike)
- Experience with Open Source Tools (i.e. Powershell Empire, PowerSploit, Impacket, Rubeus and Mimikatz)
- Software Development and/or Scripting Experience in PowerShell, .NET, C++, Java, C#, perl, python or bash
- Experience with Virtual Machine technologies
- Database Experience (DBA or security penetration testing)
- Source Code Review (aka Static Code Analysis) experience
- Good technical writing skills and attention to detail
Clearance: Active Secret clearance requiredCertification:DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released.Location:This is an on-site role with expectations of being on the client site in Arlington, VA five days a week.Additional InformationAfter several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise.Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your careerit's time to join Team Tyto!