Web Application Security Tester in Washington, DC at Booz Allen Hamilton

Date Posted: 2/5/2018

Job Snapshot

Job Description

Job Number: R0003213

Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering and innovation expertise.


Web Application Security Tester

Key Role:

Work in a challenging environment that combines technical security operations talent with business consulting expertise to deliver industry leading IT security testing services. Join a team of security enthusiasts that perform cutting-edge research and promote an environment of innovation and knowledge-sharing. Lead a continuous unauthenticated Web application security testing program to periodically assess a wide variety of Web applications using industry standards, including OWASP.  Work with a team of 10+ seasoned security testing professionals to enhance existing services offerings and security testing capabilities. Conduct hands-on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments, and develop comprehensive and accurate reports and presentations for both technical and executive audiences. Communicate findings and strategy to client stakeholders, including technical staff and executive leadership. Act as the primary interface and lead for small Web application testing teams ranging from one to three additional testers and manage the delivery of staff assignments, as needed. This position will require occasional travel to other locations throughout the US and is located in McLean, VA.


Basic Qualifications:

-5+ years of experience with network vulnerability assessments, Web application security testing, network penetration testing, red teaming, or security operations or hunt

-Experience with using, administering, and troubleshooting two or more major platforms of Linux, including Ubuntu and Red Hat

-Experience with Windows environments and Active Directory concepts

-Experience with programming one or more of the following: Perl, Python, ruby, bash, C or C++, C#, or Java, including scripting and editing existing code

-Experience with conducting all types of Web applications security testing, including those indicated in the OWASP testing guide

-Ability to clearly convey results in formal technical reports and deliver briefings to senior client staff

-Ability to obtain a security clearance required


Additional Qualifications:

-Experience with phishing and other social engineering tactics

-Experience with assembly languages, including x86, or reverse engineering

-Ability to show enthusiasm for security and technology

-BS degree in Computer Engineering or CS or a technical field preferred

-DoD 8570 Certification
-OSCP, OSCE, OSWE, or SANS Certification


Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.


Integrating a full range of consulting capabilities, Booz Allen is the one firm that helps clients solve their toughest problems by their side to help them achieve their missions.  Booz Allen is committed to delivering results that endure.

We are proud of our diverse environment, EOE, M/F/Disability/Vet.

CMCL

Your Career is Waiting.

Get job alerts. Learn about new work and upcoming events. Share open roles with friends and colleagues.
Our Talent Network is your opportunity hub.


Get Answers and Access.

Need more information? Find it in our FAQs.

Application already in-process? Log in to keep going.