Security Assessment and Authorization Penetration Tester in Washington, DC at Booz Allen Hamilton

Date Posted: 2/28/2018

Job Snapshot

Job Description

Job Number: R0024067

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.

Security Assessment and Authorization Penetration Tester

Key Role:

Apply knowledge of conducting the assessment of threats and vulnerabilities through testing and evaluation activities, including network penetration testing and Web application security testing. Conduct hands–on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, such as Windows or *nix, conduct scenario–based security testing, or red teaming to identify gaps in detection and response capabilities of client networks, and develop comprehensive and accurate reports and presentations for both technical and executive audiences. Communicate findings and strategy to client stakeholders, including technical staff. Apply security testing and penetration testing techniques and mindset to a wide range of projects. This position will require occasional travel to the client site located in Washington, DC.

Basic Qualifications:

-5+ years of experience in two or more of the following: network vulnerability assessments, Web application security testing, network penetration testing, or red teaming

-Experience with Windows environments and Active Directory concepts

-Experience with tools, including Nessus, WebInspect, AppDetective, Hailstorm, Metasploit, Burp Suite Pro, Aircrack–ng, and Kismet

-Knowledge of applications, database, and Web server design and implementation

-Knowledge of open security testing standards and projects, including OWASP

-Ability to clearly convey results in formal technical reports and deliver briefings to senior client staff

-Ability to obtain a security clearance required

Additional Qualifications:

-Experience with programming at least one of the following: Perl, Python, Ruby, Bash, C or C++, C#, PHP, iOS, SQL, or Java, including scripting and editing existing code

-Experience with assembly languages, including x86 or reverse engineering

-Experience with wireless LAN security, including 802.11 standards

-BS degree in Computer Engineering, CS, or a technical field preferred

-DoD–8570 Certification

-OSCP, OSCE, or OSWE or SANS Certification


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems by their side to help them achieve their missions.  Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.


Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.