Description
Description
As a Penetration Tester, you will play a crucial role in proactively discovering vulnerabilities in systems and on the Department of Veterans Affairs networks. Your primary focus is completing time-based penetration tests to support the Authority to Operate (ATO) approval process for System Owners.
Duties:
· Perform penetration testing against various systems, which may include web applications, databases, web services, network devices, operating systems, cloud installations, and infrastructure (hardware) devices
· Utilize a variety of industry standard security tools to conduct manual-based security assessments
· Utilize a variety of industry standard security tools to conduct automated scans against systems
· Review new vulnerabilities as they are published and develop impact assessments
· Determine risk from vulnerabilities based on availability of exploit and potential loss of information and IT services capabilities
· Produce periodic trending and impact reports as required
· Generate reports (automated and manual) based on results from assessments and have the ability to explain in detail to customers
· Develop new testing techniques and programs to support the Penetration testing team
· Manage and maintain hardware and software an ability to provide infrastructure maintenance support to attack systems
· Knowledge and experience with processes and procedures relating to information gathering, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting
Qualifications
Requirements
· Bachelor's degree (4 years of additional relevant experience may be substituted for education)
· 2+ years of experience in the IT functions like network administration, engineering, or security
· 1 year of experience supporting offensive cybersecurity roles
· Must have Penetration Testing certification
Experience with the following:
o Support Windows, Unix, and Linux operating systems
o VMWare
o Kali Linux Suite
o Nessus Scanner (Tenable)
o RedHat Enterprise Linux
o NMAP
o Ability to conduct scripting in bash and powershell
Preferred Certifications:
o OSCP
o PNPT
o Pentest+
o CISSP
o C|EH
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Apply on company website