Lead Penetration Tester
Annapolis Junction, MD
Software Development – DEV01 /
Software & Database Engineers /
On-site
About us: Mission Driven, Employee Focused
At CTI, you’ll be at the center of an award-winning corporate culture, breaking technological barriers and solving real-world problems for our federal government customers. We are committed to hiring the best of the best, and in return, we offer a world-class, truly unique employee experience that is rare within our industry.
If you’re a technical changemaker with a passion for Cyber Operations, Cloud and Data Analytics, or Engineering, we’re looking for you! Love what you do AND where you work - alongside a supportive, innovative team of like-minded individuals. After all, we know that your best work happens when you live your best life, and we do everything we can to make that possible. Are you ready for your best career move? Intel Agency polygraph is strongly preferred.
Due to federal contract requirements, United States citizenship and an active TS/SCI security clearance is required for the position.
A Lead Penetration Tester is needed to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology. The selected candidate will work on a team of cyber Subject Matter Experts (SMEs) who are providing support to a large, complex technical program for preventing, identifying, containing and eradicating cyber threats to networks through monitoring, intrusion detection and protective security services on information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connections, public facing websites, security devices, servers and workstations. She/he will be responsible for the overall security of Enterprise-wide information systems, and will collect, investigate, and report any suspected and confirmed security violations.
Primary Responsibilities
Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.
Perform web app pentests.
Perform vulnerability risk assessment.
Perform physical pentests and social engineering.
Perform cyber incident response as needed for programs.
Basic Qualifications
Must have experience in web development and programming languages such as Java, XML, Perl and HTML.
Must have extensive experience performing IT security risk assessments.
Must have experience performing web app and physical pentests.
Experience with programming/scripting in Python, Powershell, C, JavaScript, etc.
Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective.
Must have experience with or strong familiarity of Kali.
Must have experience with or strong familiarity of IPS/IDS solutions.
Must have a strong understanding of the Cyber Kill Chain methodology.
Must have the ability to effectively collaborate with technical staff and customers when necessary to forming strategies and plan for continuous modernization and legacy integration.
Must have experience managing multiple projects and quickly and effectively adjusting to shifting priorities and resolving issues.
Preferred Qualifications
BS in a related field and at least 8 years of relevant experience
Certifications in one or more of the following areas:
GIAC Web Applications Penetration Tester (GWAPT)
GIAC Penetration Tester (GPEN)
Certified Ethical Hacker (CEH)
Certified Information Security Manager (CISM)
Certified Web Application Defender (GWEB)
Certified Information System Security Professional (CISSP)
The benefits package:
• Affordable healthcare options with 80% employer paid premium PLUS a company-funded HSA
• Dental insurance with 100% employer paid premium
• Vision with 80% employer paid premium
• Employer paid Life insurance 100%
• Employer paid Short-term and Long-term disability 100%
• Annual training, continued education, and professional memberships reimbursement
• Unlimited access to Red Hat Enterprise Linux and AWS training and accreditation
• Annual reimbursement for technology i.e. phones, computers, printers, etc.
• 401(k) with company match up to 5% with 100% immediate vesting (after 90 days of employment)
The environment and perks:
• Professional development investment and paid time off for training
• Contract and work locations in Maryland, Virginia, Colorado, Texas, Utah, California, Florida and Hawaii.
• Team building events throughout the year such as Destination Family Events, Holiday Party, Monthly Get-Togethers
• Leadership Team engagement and mentorship
• Performance Recognition Program
• Complimentary branded apparel
Don't see a job opening that's the perfect fit? Apply to our General Position to join our talent pool for consideration for future opportunities.
Know someone else who may be a good fit? Refer them through the CTI External Referral Program and you could receive a one-time referral bonus of up to $10,000! Email cti-staffing@cti-md.com for more information.
Constellation Technologies is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Job applicants can submit questions about CTI’s equal employment opportunity policy to cti-hr@cti-md.com.
