Senior Penetration Tester

You need to sign in or
create an account to save a job.

Job Description:

Job Description

The Annex Program has a critical need for Senior Penetration Testers to join our team working in Reston, VA.

Annex supports a multitude of different projects spanning across multiple organizational lines. Many of these different projects require penetration and other types of security testing. We are looking for excited, highly motivated individuals to join the team.

The Penetration Tester will be responsible for the following:
  • Perform internal and external penetration testing against systems to determine vulnerabilities and offer mitigation strategies.
  • Perform web application penetration tests and assessments
  • Perform mobile application penetration tests and assessments (iOS/Android)
  • Perform vulnerability risk assessments
  • Perform reverse engineering (binaries/malware)
  • Perform penetration testing in various cloud environments (e.g. Azure, AWS, etc.)

    Minimum Requirements include:
  • Bachelor's degree and 12+ years of experience. Additional experience in lieu of degree.
  • Testing experience
  • Extensive experience operating and testing in Cloud environments (Azure, AWS, etc.)
  • Experience testing and reverse engineering mobile devices (Android, iOS)

    Preferred Qualifications / Experience:
  • Extensive experience performing IT security risk assessments
  • Experience with programming/scripting in Python, Powershell, Ruby, C, JavaScript, BASH, etc.
  • Solid foundation of Reverse Engineering fundamentals
  • Experience with Web Application tools, e.g. Burp Suite, Web Inspect, Appdetective, etc.
  • Experience with MetaSploit
  • Experienced with Kali Linux
  • Understand the Cyber Kill Chain
  • Experience with penetration testing cloud environments (AWS/Azure/etc.)

    Prefer one of the following certifications (or equivalent):
  • Offensive Security Certified Professional (OSCP)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • GIAC Web Applications Penetration Tester (GWAPT)
  • GIAC Penetration Tester (GPEN)
  • GIAC Python Coder (GPYC)
  • GIAC Cloud Penetration Tester (GCPN)
  • GIAC Assessing and Auditing Wireless Networks (GAWN)
  • Certified Ethical Hacker (CEH)
  • Certified Information Security Manager (CISM)
  • Certified Web Application Defender (GWEB)
  • Certified Information System Security Professional (CISSP)

Pay Range: