Senior Penetration TesterGermantown, MD, USA Req #1046Friday, February 14, 2025ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are atop veteran employer (https://www.asrcfederal.com/asrc-federal-earns-military-times-best-for-vets-and-military-com-top-25-veteran-employer-honors/) andCertified Great Place to Work™ (https://www.asrcfederal.com/asrc-federal-receives-great-place-to-work-certification-for-2024/) ASRC Federal is seeking a highly experienced Penetration Tester to join our cybersecurity team. The ideal candidate will conduct authorized vulnerability assessments and penetration tests, develop new tests based on emerging threats, and maintain a thorough understanding of cybersecurity techniques and legal scopes. Certification in penetration testing or ethical hacking is strongly preferred. Key Responsibilities:
Conduct authorized vulnerability assessments and penetration tests to identify weaknesses in networks, applications, websites, physical systems, cloud services, and social structures.
Ensure rules of engagement are established for all tests.
Conduct White Hat and Grey Hat penetration testing/Purple Teaming of EM site mission system IT systems.
Plan for testing up to 10 Accreditation Boundaries with the number of systems spanning between 100-40,000 nodes.
Prepare detailed reports documenting test findings.
Perform out briefings with stakeholders, recommending vulnerability remediation strategies.
Design and develop new tests based on emerging cybersecurity threats and maintain a clear understanding of the legal scope of test operations.
Support information system vulnerability assessments. Conduct information system security audits from both logical/theoretical and hands-on technical standpoints.
Develop, research, and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption.
Perform research into current threats and adversary tactics, techniques, and procedures.
Qualifications:
Provides technical/management leadership on major tasks or technology assignments.
Establishes goals and plans that meet project objectives.
Possesses domain and expert technical knowledge.
Directs and controls activities for a client, having overall responsibility for financial management, methods, and staffing to ensure technical requirements are met.
Interactions involve client negotiations and interfacing with senior management.
Decision making and domain knowledge may have a critical impact on overall project implementation.
May supervise others.
Must possess at least 5 years of relevant work experience and a bachelor's degree from an accredited university in a related field.
One year of relevant experience may be substituted for one year of required education.
Successful candidate is subject to a background investigation by the government and must be able to meet the requirements to hold a position of public trust. We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.EEO Statement ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law. Other details
Job FamilyInformation Technology
Job Sub-FamilyCyber Security
Pay TypeSalary
Germantown, MD, USA
<