MindPoint Group is seeking a Penetration Tester to assist our government and commercial clients with conducting security assessments of their web and mobile applications, as well as their underlying infrastructure.
- Conducts vulnerability assessments
- Carries out penetration tests, performs social engineering tests
- Analyzes technical security weaknesses
- Performs risk analysesand develops exploits
- Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption
- Develops tools, techniques, training and countermeasures for computer and network vulnerabilities, data hiding and encryption.
- Active Secret Clearance Required
- Minimum of 6 years of general work experience and 3 years of relevant experience in functional responsibility.
- Bachelor’s Degree, or an equivalent combination of formal education, experience.
- Must have a strong technical background and understand system architecture and design, operating systems, network infrastructure, software installation on test platforms, software development, database, and operating systems.
- Security, Software Development, Networking, and/or Systems Administrator Experience
- Deep understanding of 3-tiered Web Application and Mobile Application Architectures
- Manual Penetration Testing Experience (i.e. mapping applications, injecting SQLi, XSS, XXE, exploit creation)
- Must have Commercial Web Application Tool Experience (i.e. BurpSuite, AppScan, WebInspect)
- Network Penetration Testing Tool Experience (i.e. Nmap, Nessus, Wireshark, Metasploit, Hydra, John)
- Exceptional communication skills, with the ability to explain the technical details of OWASP Top 10 and other vulnerabilities from C-levels to developers in a large professional environment
- Web Services Security Penetration Testing Experience
- Software Development and/or Scripting Experience in .NET, C, Java, C#, perl, python or bash
- Mobile Application Penetration Testing (i.e. iOS, Android, Windows, Blackberry)
- Database Experience (DBA or security penetration testing)
- Source Code Review (aka Static Analysis) Experience
- Excellent technical writing skills and attention to detail
- All offers are contingent upon proof of full vaccination against COVID-19 or successful accommodation for an exemption.
- All your information will be kept confidential according to EEO guidelines.
- MindPoint is committed to maintaining a diverse environment. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.