Penetration Tester

Job Description

MindPoint Group is seeking a Penetration Tester to assist our government and commercial clients with conducting security assessments of their web and mobile applications, as well as their underlying infrastructure.

• Conducts vulnerability assessments
• Carries out penetration tests, performs social engineering tests
• Analyzes technical security weaknesses
• Performs risk analysesand develops exploits
• Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption
• Develops tools, techniques, training and countermeasures for computer and network vulnerabilities, data hiding and encryption.

Qualifications

• Active Secret Clearance Required
• Minimum of 6 years of general work experience and 3 years of relevant experience in functional responsibility.
• Bachelor’s Degree, or an equivalent combination of formal education, experience.
• Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database, and operating systems.
• Security, Software Development, Networking, and/or Systems Administrator Experience
• Deep understanding of 3-tiered Web Application and Mobile Application Architectures
• Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS, XXE, exploit creation)
• Must have Commercial Web Application Tool Experience (i.e. BurpSuite, AppScan, WebInspect)
• Network Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra, John)
• Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment

Desired:

• Web Services Security Penetration Testing Experience
• Software Development and/or Scripting Experience in .NET, C, Java, C#, perl, python or bash
• Mobile Application Penetration Testing (i.e. iOS, Android, Windows, Blackberry)
• Database Experience (DBA or security penetration testing)
• Source Code Review (aka Static Analysis) Experience
• Excellent technical writing skills and attention to detail

Additional Information

• All your information will be kept confidential according to EEO guidelines
• Equal Opportunity Employer Veterans/Disabled