Salary Company Skills Job Openings

Penetration Tester jobs in Maryland

Recently Added Penetration Tester jobs

T
Penetration Tester
  • The Hill
  • Beltsville, MD FULL_TIME
  • Job ID: 2404331

    Location: BELTSVILLE, MD, US

    Date Posted: 2024-03-22

    Category: Cyber

    Subcategory: Cyber Engineer

    Schedule: Full-time

    Shift: Day Job

    Travel: Yes, 10 % of the Time

    Minimum Clearance Required: Top Secret

    Clearance Level Must Be Able to Obtain: None

    Potential for Remote Work: No

    Description

    SAIC is seeking a highly motivated Penetration Tester. The successful candidate will provide support to the Cybersecurity Integrity Center (CIC) in the Department of State Bureau of Information Resource Management (IRM). Duties are in the Washington, D.C. metropolitan area (30% in downtown D.C; 70% in Beltsville, MD. The CIC supports cybersecurity monitoring, threat analysis, incident response, and infrastructure remediation within and across all of the State Department’s information technology (IT) infrastructure. The CIC coordinates and collaborates with other State Department bureaus as well as other organizations within the Federal Government, and commercial partners.

    The position allows hybrid remote work. Team is currently reporting onsite 3 days per week or more as needed.

    Description of Duties

    Role

    The Penetration Tester will provide support for HVA Assessments using methodology by Cybersecurity and Infrastructure Security Agency (CISA) Assessment Evaluation and Standardization (AES) program with broad and in-depth knowledge to conduct offensive cyber operations across the organization globally. In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective, and response controls across the global technology landscape. The Penetration Tester will:

    Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk.

    Apply sound technical and management principles to identify and remediate cybersecurity -vulnerabilities across the State Department global IT enterprise infrastructure.

    Apply organizational and process change principals.

    Evaluate system performance results, perform risk assessments, and evaluate performance metrics.

    Responsibilities Include

    Provide ad-hoc penetration testing and assessment services on Department of State systems identified by the leadership.

    Develop, Identify and resolve security vulnerabilities related to deployment and testing processes.

    Streamline and optimize processes and procedures in order to rapidly remediate vulnerabilities from cybersecurity threats.

    Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.

    Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.

    Develop strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.

    Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise, or local policy; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures in operational and non-operational situations.

    Network Mapping include but are not limited to a network map of the organization’s system that includes a visual representation of the organization's physical devices and digital network.

    Perform operation and maintenance activities in support of existing CIC cyber tools and technologies (MSV, Qualys, Tenable Nessus and others).

    Identify, diagnose, and prioritize anomalies in cyber defense infrastructure and resources.

    Perform cybersecurity testing of developed applications and/or systems.

    Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.

    Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders.

    Provide guidance and recommendations to stakeholders responsible for security remediation actions to close identified gaps and remediation validation testing.

    Independently handle complex issues with minimal supervision, while escalating only the most complex issues to appropriate staff.

    Qualifications

    Required Education & Experience

    Bachelor’s and five (5) years or more experience; Master’s and three (3) years or more experience.

    A degree in Cybersecurity or related field.

    4-6 years penetration testing experience.

    Web application penetration testing, LPT, Source code vulnerability analysis, serious problem-solving skills experience.

    All penetration testers/operators must be DHS/CISA AES qualified within 90 days of onboarding.

    Required Clearance

    US Citizenship.

    Active Top Secret Clearance

    Desired

    4 years Microsoft Operating Systems (OS) engineering and support experience focusing on Active Directory (AD), System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM).

    4-6 years Network penetration testing experience.

    In-depth experience in planning, implementing, and managing large/global enterprise infrastructures.

    Familiarity of various analytical tools (Splunk, USBDeview, Netwitness, MimiKatz).

    Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee).

    Familiarity of Cobalt Strike, Nessus, Kali Linux, Burp Suite, Nmap and OpenVAS for databases.

    Knowledge of general attack stages.

    Skill in the use of social engineering techniques and using penetration testing tools.

    Familiarity with OMB, NIST, DHS, and related security guidelines and directives.

    Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.

    Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

    Server/endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.

    Cloud application security, Vulnerability Management and Security Information, and Event Management capabilities.

    Countermeasures / mitigations to identified cybersecurity risks.

    Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), domain name system, and directory services.

    Certifications: LPT (Licensed Penetration Testers, Microsoft Certifications (MCSE, MCSA, MCSD),OSCP (Offensive Security Certification Professional), ISACA Certified Information Systems Auditor (CISA), SCP Security Certified Network Architect (SCNA), ISACA Certified Information Security Manager (CISM)

    Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.

    Apply
  • Just Posted
Apply this Job
B
Penetration Tester
  • Belay Technologies
  • Annapolis, MD FULL_TIME
  • Belay Technologies has been voted Baltimore Business Journal's (BBJ) Best Places to Work 2019, runner-up in 2020, and a finalist in 2021! Belay Technologies is seeking a Lead Penetration Tester is nee...
  • 26 Days Ago
Apply this Job
J
Penetration Tester
  • JASINT
  • Annapolis, MD FULL_TIME
  • Job Title: Penetration Tester Location(s): Annapolis Junction, MD Hours: Regular Full-Time Clearance Requirements: This position requires a current and active TS/ SCI with FS Poly at the time of appli...
  • 6 Days Ago
Apply this Job
F
Penetration Tester
  • Fuse Engineering LLC
  • Fort Meade, MD FULL_TIME
  • DescriptionPreferred skills to include Red Team experience, Adversary Emulation and supporting Purple Team process. RequirementsTop Secret SCI w/ Polygraph clearance requiredBachelor's Degree (BS) in ...
  • 2 Months Ago
Apply this Job
D
Penetration Tester
  • Delmock Technologies Inc
  • Laurel, MD CONTRACTOR
  • About Our Company: Join Delmock Technologies, Inc. (DTI), a leading HUBZone business in Baltimore, known for delivering sophisticated IT and Health solutions with a commitment to ethics, expertise, an...
  • 2 Months Ago
Apply this Job
I
Senior Penetration Tester
  • Independent Software
  • Fort Meade, MD FULL_TIME
  • What you will be doing!Independent Software is hiring a Senior Penetration Tester to join our team in supporting a customer based in Fort Meade, MD. In this position you will develop methods to defend...
  • Just Posted
Apply this Job
View All Penetration Tester Jobs

Penetration Tester jobs at Popular Companies

F
Penetration Tester
  • Fortune 500 Companies
  • Plano, TX
  • Offensive Security - Sr. Pentester / Red team operator Job Description Overview Within the Cyber Fusion Center, the Offe...
  • 6/2/2024 12:00:00 AM
Apply this job
C
Penetration Tester
  • CCS Global Tech
  • Annapolis Junction, MD
  • Job Title: Penetration Tester (Lead) # Positions: 1 Location: Annapolis Junction, Maryland Required Active TS/SCI w FSP ...
  • 6/2/2024 12:00:00 AM
Apply this job
A
Penetration Tester
  • ACL Digital
  • New York, NY
  • Physical Penetration Tester Onsite at New York, NY – Must travel to 3 sites. Long term contract Need to have network and...
  • 6/2/2024 12:00:00 AM
Apply this job
F
Penetration Tester
  • Foxhole Technology
  • Herndon, VA
  • Job Title: Senior Penetration Tester Clearance: Secret Location: Leesburg, VA (Onsite 3 days per week) Discover an excit...
  • 6/2/2024 12:00:00 AM
Apply this job
D
Penetration Tester
  • Dexian
  • Dallas, TX
  • Hi, We are hiring for Penetration test role hybrid to Dallas TX - c2h Role. Primary Responsibilities: The Application Se...
  • 5/31/2024 12:00:00 AM
Apply this job
I
Penetration Tester
  • Insight Global
  • Plano, TX
  • Required Skills & Experience -5+ years of experience in a technical security role -Advanced knowledge of the Burp Suite ...
  • 5/29/2024 12:00:00 AM
Apply this job
L
Penetration Tester
  • Leidos
  • Ashburn, VA
  • Description At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are de...
  • 5/23/2024 12:00:00 AM
Apply this job
L
Penetration Tester
  • Leidos
  • Huntsville, AL
  • Description Leidos Defense Systems is seeking a full-time Penetration Tester - Security Engineer to perform penetration ...
  • 3/13/2024 12:00:00 AM
Apply this job
View All Penetration Tester Jobs

About Maryland

Maryland (US: /ˈmɛrələnd/ (listen) MERR-əl-ənd) is a state in the Mid-Atlantic region of the United States, bordering Virginia, West Virginia, and the District of Columbia to its south and west; Pennsylvania to its north; and Delaware to its east. The state's largest city is Baltimore, and its capital is Annapolis. Among its occasional nicknames are Old Line State, the Free State, and the Chesapeake Bay State. It is named after the English queen Henrietta Maria, known in England as Queen Mary. Sixteen of Maryland's twenty-three counties border the tidal waters of the Chesapeake Bay estuary and...
Source: Wikipedia (as of 04/11/2019). Read more from Wikipedia
Income Estimation for Penetration Tester jobs
$82,496 to $107,319

Most Popular Cities in Maryland for Penetration Tester Jobs

What does a Penetration Tester do?

Penetration Tester in Washington, DC
Execute standardized IV&V practices to evaluate comprehensive state of the security posture.
March 29, 2023
Penetration Tester
Assist with development of Threat Hunting function that leverages threat intelligence and Indicators of Compromise (IOCs) to detect threats, identify security gaps and improve SOC operations.
February 04, 2023
Penetration Tester
Helps to perform analysis and mitigation of security vulnerabilities.
April 30, 2023