Jobs · Information Technology · Maryland

Lead Penetration Tester TS/SCI Polygraph

Leidos · Annapolis Junction, MD · 3 mo ago
On-siteInformation Technology$131k–$237k/yrFull-time

About the role

Leidos is seeking a Lead Penetration Tester to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology on a large, complex program that provides system engineering, development, test, integration and operational support.

Responsibilities

  • Perform internal and external pentests against systems to determine vulnerabilities and develop mitigation strategies.
  • Perform web app pentests.
  • Perform vulnerability risk assessments.
  • Perform physical pentests and social engineering analysis.
  • Perform cyber incident response as needed.
  • Evaluate the impact of new development on the operational security posture of IT systems.
  • Evaluate, review, and test critical software.
  • Formulate security compliance requirements for new system features.
  • Identify and remediate security issues throughout the system.
  • Audit and assess system security configuration settings using common methodologies and tools.
  • Work with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors, and remediation approaches.
  • Work closely with System Engineering, Test Engineering, and Integration teams to ensure hardware and software architecture and implementations meet strict security requirements.
  • Serve as a Subject Matter Expert in security architecture, to include providing advice to Program Managers, Customer technical experts, and internal program teams.

Requirements

  • Bachelor’s degree in a technical/information assurance field and at least 12 years of prior relevant experience.
  • Experience with penetration testing tools.
  • Experience in web development and programming languages such as Java, XML, Perl and HTML.
  • Experience with programming/scripting in Python, Powershell, C, JavaScript, etc.
  • Experience with IT security risk assessments.
  • Experience with web app and physical pentests.
  • Experience with or strong familiarity of the following Web Application tools: Burp Suite, Web Inspect, Appdetective.
  • Experience with or strong familiarity of Kali.
  • Experience with or strong familiarity of IPS/IDS solutions.
  • A strong understanding of the Cyber Kill Chain methodology.
  • Experience applying Risk Management Framework.
  • Experience with secure configurations of commonly used desktop and server operating systems.
  • The ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration.
  • Experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues.

Qualifications

  • Certifications in one or more of the following areas strongly preferred: GIAC Web Applications Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Web Application Defender (GWEB), Certified Information System Security Professional (CISSP).
  • Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
  • Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation.

Skills

  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.
  • Ability to work independently and as part of a team.
  • Knowledge of cybersecurity principles and practices.
  • Ability to manage multiple tasks and prioritize accordingly.

Benefits

At Leidos, we offer competitive benefits, including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more.

Pay

$131,300.00 - $237,350.00

Schedule

Flexible Schedules

Similar jobs

Tester - TS/SCI with Polygraph

General Dynamics Information TechnologyHerndon, VA· 2 wk ago
Engineering$162k–$219k/yrapply on gdit.wd5.myworkdayjobs.com