This site uses cookies. To find out more, see our Cookies Policy

Security Penetration/Red Team Tester in McLean, VA at Booz Allen Hamilton Inc.

Date Posted: 2/25/2019

Job Snapshot

Job Description

Job Number: R0005071

Security Penetration/Red Team Tester

Key Role:

Assess threats and vulnerabilities through testing and evaluation activities, including network penetration testing and Web application security testing under limited supervision. Conduct social engineering exercises and red team engagements. Determine deviations from required and acceptable configurations and consult on the evaluation of the existing level of risk. This position is located in McLean, VA and will require occasional travel to other locations throughout the US.

Basic Qualifications:

-5+ years of experience with network vulnerability assessments, Web application security testing, network penetration testing, red teaming, or security operations or hunt
-Experience with obfuscation and multiple methods of payload delivery, including executable and scripting files
-Experience with Windows environments and Active Directory concepts
-Ability to convey results clearly in formal technical reports and deliver briefings to senior client staff

-Ability to travel between 25-50% of the time

-HS diploma or GED

Additional Qualifications:

-Experience with working in a commercial consulting or professional services environment

-Experience with phishing and other social engineering tactics

-Experience with using multiple command and control channels, including DNS and HTTPS

-Experience with Cobalt Strike

-Experience with programming using one or more of the following: Perl, Python, Ruby, Bash, C or C++, C#, or Java, including scripting and editing existing code
-Experience with assembly languages, including x86 or reverse engineering

-Experience with physical security assessments, including the use of proxmark3 or similar proximity card spoofing or copying devices

-Knowledge of open security testing standards and projects, including OWASP and ATT&CK
-Ability to show enthusiasm for security and technology
-BS degree in Computer Engineering, CS, or a technical field preferred
-OSCP, OSCE, or OSWE or SANS Certification

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

#LI-AH1, AFH16, AFH26, CMCL, TMJ16

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.

Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.