24 days old

Federal Sr Penetration Tester

Washington, DC 20020


Organization: Accenture
Federal Services


Location: Washington, DC





We are:


Accenture Federal Services, helping our federal
clients tackle their toughest challenges while unleashing their fullest
potentialand then some. What makes our approach so unique? Operating from the
nations capital, we bring together commercial innovation and leading-edge
technologies to deliver an integrated and interactive experience that far
exceeds expectations. How? Our passion meets purpose! Through our diverse culture
and inclusive thinking, we embrace our employees' ideas taking them from
concept to practical solutions. Not to mention, we sleep well at night knowing
our work directly impacts and improves the way the world works. We keep our
tech smarts sharp by providing abundant training and certification
opportunities. Are you ready to learn and grow in a career, while making a
difference?





The Security Specialist will follow industry best practices and
methodologies, including the Open Web Application Security Project (OWASP)
Testing Guide, to perform penetration testing services to uncover
vulnerabilities across various web applications


Perform network penetration testing, using tools such as nmap,
Metasploit Pro, Cobalt Strike. Test web
services using automated web application scanning methodologies and tools (e.g.
IBM AppScan, HP WebInspect, Acunetix WVS, etc...)


Test web services using a manual in-depth testing methodologies
and tools (e.g. Burp Suite Pro, ZAP Proxy, IronWASP, etc...)


Summarize and document results of testing for management reporting
including proper disposition of test exceptions.


Research new threats, attack vectors, and risk.


Report on security vulnerabilities via formal reports and weekly
status updates.


Verify the security
findings from other members of the penetration testing team.



















Basic Skills & Qualifications:





+ Bachelors Degree


+ 7 years' experience


+ Must be a US Citizen









Preferred
Skills & Qualifications:





+ Industry certifications relating to IT security and program
management preferred (GIAC, GPEN, OSCP, CEH)


+ Experience with web
application penetration testing tools preferred, such as Burp Suite Pro, IBM
AppScan, HP WebInspect, etc...


+ Experience with network penetration testing tools


+ Ability to work
independently and also collaborating closely with application developers,
engineers and others.


+ Must be self-motivated and
results oriented.


+ Effective written, oral
communication skills, and interpersonal communication skills.


+ Strong communications skills
to be able to interact with technical and non-technical colleagues.


+ Knowledge of the latest
security threats, techniques and exploits targeting vulnerabilities


+ Network and web application
penetration testing


+ Vulnerability assessments
followed by providing best security practice recommendations and
countermeasures


+ Strong familiarity with
multiple operating systems, databases, applications and platforms.


+ Understanding of SQL, XSS,
CSRF, XXE, and other trends in web exploitation


+ Working understanding of
HTML and common web applications


+ Thorough understanding of
computer networking and the OSI model


+ Cyber-threat research,
reporting and development/implementation of vulnerability mitigation strategies


+ Experience with network,
web, and information security


+ Self-starter with ability
work with little supervision


+ Programming experience is a
plus!


+ Calculate and assess risk
based on threats, vulnerabilities, and mitigating factors.


+ Expert knowledge in
computer and network security.


+ Expert level knowledge in
penetration testing methodology.


+ Knowledge of exploit
development.


+ Knowledge of common IT
technologies (OS, databases, network devices, applications)


+ Familiarity in one or more
of the following areas: application security, Linux/Windows system security,
mobile device security, cloud technologies (IaaS, SaaS environments, etc.), and
web technologies.


+ Demonstrated knowledge and
experience evaluating IT process areas, such as logical and physical access,
program development, change management, IT operations etc.


+ Strong project management
skills and ability to multi-task.


+ Detail oriented and
analytical.











An
active security clearance or the ability to obtain one may be required for this
role.





Candidates
who are currently employed by a client of Accenture or an affiliated Accenture
business may not be eligible for consideration.





Applicants
for employment in the US must have work authorization that does not now or in
the future require sponsorship of a visa for employment authorization in the
United States and with Accenture (i.e., H1-B visa, F-1 visa (OPT), TN visa or
any other non-immigrant status).





Accenture
is a Federal Contractor and an EEO and Affirmative Action Employer of
Females/Minorities/Veterans/Individuals with Disabilities.





Equal
Employment Opportunity





All
employment decisions shall be made without regard to age, race, creed, color,
religion, sex, national origin, ancestry, disability status, veteran status,
sexual orientation, gender identity or expression, genetic information, marital
status, citizenship status or any other basis as protected by federal, state,
or local law.





Job
candidates will not be obligated to disclose sealed or expunged records of
conviction or arrest as part of the hiring process.





Accenture
is committed to providing veteran employment opportunities to our service men
and women.




Categories

Posted: 2020-12-23 Expires: 2021-01-22

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Federal Sr Penetration Tester

Accenture
Washington, DC 20020

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast