30 days old

Federal Sr Penetration Tester

Washington, DC 20020

Organization: Accenture Federal Services

Location: Washington, DC

We are:

Accenture Federal Services, providing a tailored strategy to address the many cybersecurity challenges faced by customers in todays ever-changing business and industry landscape. Our team delivers a wholistic approach to cybersecurity assessment, monitoring, investigation, and response. Whether were defending against identified threat actors, detecting and responding to the unknown, or running an entire security operations center, we build cyber resilience so our clients can grow with confidence in their security.

You are:

A Penetration Tester provides clients with thorough assessments that emulate real world attacks to ensure environments are secure. You go beyond vulnerability identification and provide clients with Security Control feedback and provide recommendations on how to best secure an environment.

The Work:

The Security Specialist will follow industry best practices and methodologies, including the Open Web Application Security Project (OWASP) Testing Guide, to perform penetration testing services to uncover vulnerabilities across various web applications

Perform network penetration testing, using tools such as nmap, Metasploit Pro, Cobalt Strike. Test web services using automated web application scanning methodologies and tools (e.g. IBM AppScan, HP WebInspect, Acunetix WVS, etc...)

Test web services using a manual in-depth testing methodologies and tools (e.g. Burp Suite Pro, ZAP Proxy, IronWASP, etc...)

Summarize and document results of testing for management reporting including proper disposition of test exceptions.

Research new threats, attack vectors, and risk.

Report on security vulnerabilities via formal reports and weekly status updates.

Verify the security findings from other members of the penetration testing team.

Here's what you need:

+ Bachelors Degree

+ 7 years' experience

+ Must be a US Citizen

Bonus points if you have:

+ Industry certifications relating to IT security and program management preferred (GIAC, GPEN, OSCP, CEH)

+ Experience with web application penetration testing tools preferred, such as Burp Suite Pro, IBM AppScan, HP WebInspect, etc...

+ Experience with network penetration testing tools

+ Ability to work independently and also collaborating closely with application developers, engineers and others.

+ Must be self-motivated and results oriented.

+ Effective written, oral communication skills, and interpersonal communication skills.

+ Strong communications skills to be able to interact with technical and non-technical colleagues.

+ Knowledge of the latest security threats, techniques and exploits targeting vulnerabilities

+ Network and web application penetration testing

+ Vulnerability assessments followed by providing best security practice recommendations and countermeasures

+ Strong familiarity with multiple operating systems, databases, applications and platforms.

+ Understanding of SQL, XSS, CSRF, XXE, and other trends in web exploitation

+ Working understanding of HTML and common web applications

+ Thorough understanding of computer networking and the OSI model

+ Cyber-threat research, reporting and development/implementation of vulnerability mitigation strategies

+ Experience with network, web, and information security

+ Self-starter with ability work with little supervision

+ Programming experience is a plus!

+ Calculate and assess risk based on threats, vulnerabilities, and mitigating factors.

+ Expert knowledge in computer and network security.

+ Expert level knowledge in penetration testing methodology.

+ Knowledge of exploit development.

+ Knowledge of common IT technologies (OS, databases, network devices, applications)

+ Familiarity in one or more of the following areas: application security, Linux/Windows system security, mobile device security, cloud technologies (IaaS, SaaS environments, etc.), and web technologies.

+ Demonstrated knowledge and experience evaluating IT process areas, such as logical and physical access, program development, change management, IT operations etc.

+ Strong project management skills and ability to multi-task.

+ Detail oriented and analytical.

An active security clearance or the ability to obtain one may be required for this role.

Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.

Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Accenture (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status).

Accenture is a Federal Contractor and an EEO and Affirmative Action Employer of Females/Minorities/Veterans/Individuals with Disabilities.

Equal Employment Opportunity

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

Accenture is committed to providing veteran employment opportunities to our service men and women.


Posted: 2020-12-23 Expires: 2021-02-14

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Federal Sr Penetration Tester

Washington, DC 20020

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast