Penetration Tester, Mid

The Challenge:

Everyone knows security needs to be “baked in” to a system architecture, but you actually know how to bake it in. You can identify and implement ways to harden systems and reduce their attack surface. What if you could use your cyber engineer skills to design and build secure systems for customer? We’re looking for an engineer who can help create solutions for customer that will stand up to even the most advanced cyber threats.

As a penetration tester on our project, you’ll assist with monitoring, analyzing, detecting, and responding to cyber events and incidents under supervision, including intrusion detection and prevention and situational awareness. You’ll work on a client site maintaining direct contact with client management to provide support and translating the customer’s needs and future goals into a plan that will enable secure and effective solutions. We need to come up with the best solution, so you’ll investigate new techniques, break free from the legacy model, and go where the industry is going. As a team, we’ll take a critical approach to network design, providing alternatives and customizing solutions to maintain a balance of security and mission needs. This is a chance to learn from a team of experts as you make a difference in the security of supporting logistics for the warfighter. Your contributions will help customers overcome their most difficult challenges by interrogating secure practices, supporting dynamic cyber defense and delivering operational effects. Join our team as we improve support to the warfighter through cybersecurity.

Empower change with us.

You Have:

-3+ years of experience with performing vulnerability assessment and penetration testing

-2+ years of experience with testing tools, including NESSUS, METASPLOIT, CANVAS, NMAP, Burp Suite, or Kismet

-2+ years of experience with network vulnerability assessments and penetration testing methods

-2+ years of experience with using, administering, and troubleshooting Windows Server, IIS or Linux server, or Apache

-2+ years of experience with using, administering, and troubleshooting Linux

-1+ years of experience with writing and testing assessment reports

-TS/SCI clearance

-HS diploma or GED

-DoD 8570 IAT level II Certification, including CSSP Analyst

-Licensed Penetration Tester (LPT), Certified Expert Penetration Tester (CEPT), Certified Ethical Hacker (CEH), or Global Information Assurance Penetration Tester (GPEN) Certification

Nice If You Have:

-Experience with scripting in Perl, Python, Ruby, Bash, or Java

-Experience with wireless LAN security testing

-Knowledge of TCP/IP protocols and networking architectures

-Knowledge of PCI DSS testing

-Knowledge of open security testing standards and projects, including OWASP

-Knowledge of database, applications, and Web server design and implementation

-Possession of excellent oral and written communication skills

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance is required.

Build Your Career:

Rewarding work, fun challenges, and a ton of investment in our people—that’s Booz Allen cyber. When you join Booz Allen, we’ll help you develop the career you want.

Competitions — From programming competitions at our PyNights (Python competition and learning events) to competing in CTFs, we’ve got plenty of chances for you to show off your skills.

Paid Research — Have an innovative idea to explore or hypothesis to test? You can participate in challenges via our crowdsourcing platform, the Garage, and other programs to be awarded dedicated time and/or funding to advance your skills.

Cyber University — CyberU has more than 5000 instructor-led and self-paced cyber courses, a free online library that you can access from just about anywhere—including your phone—and certification exam prep guides that include practical assessments to prepare you for your exam.

Academic Partnerships — In addition to our tuition reimbursement benefit, we’ve partnered with University of Maryland University College to offer two graduate certificate programs in cybersecurity—fully funded without a tuition cap.

Maker/Hackerspaces — Race drones, print 3D gadgets, drink coffee from our Wi-Fi coffee maker, and get hands-on training on tools and tech from in-house experts in our dedicated maker and hackerspaces.

We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.

Not ready to apply? Join our talent community and sign up for job alerts.