Mid Vulnerability Analyst/Penetration Tester (Active Secret Clearance) in Arlington, VA at General Dynamics Information Technology

Date Posted: 8/12/2019

Job Snapshot

Job Description

Provides Vulnerability Assessment and Penetration testing support to a Cabinet level federal agency.  Contributes to a team of information assurance professionals working to improve network security posture.  

Must possess three (3) years of substantive IT knowledge and demonstrate hands-on expertise and/or training in areas of emerging technologies. The candidate must have hands-on experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices and threat modeling.

•    Able to conduct PenTests and Vulnerability Assessments using Automated and Manual TTPs.
•    Have an understanding of common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
•    Must be able to use at least two of the following proficiently and instruct others on them:  Nessus, Burp, Metasploit Framework/Pro, and the Social Engineering Toolkit.  
•    Must have solid working experience and knowledge of Windows and Unix/Linux operating system 
•    A familiarity of Network and System architecture analysis. Fundamentals of network routing & switching and assessing network device configurations
•    Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming  
•    Strong familiarity with OWASP top 10, PTES and NSA Vulnerability and Penetration Testing Standards. 
•    Must be able to work alone or in a small group.

DESIRED QUALIFICATIONS: 
•    OSCP, GIAC GPEN, GWAPT  or other Penetration Testing certifications
•    CISSP
•    Certified Ethical Hacker
•    BA/BS, 2+ years experience

Duties include writing reports, briefing event details to leadership, and coordinating remediation with personnel throughout the globe. Be a self-starter with, keen analytical skills, curiosity, agility, and adaptability. The ability to work quickly, willingness to work on ad hoc assignments, strong written and verbal communication skills, and recognizing the importance of being a team player.

Daily Responsibilities:

  • Performs Vulnerability Assessments and Penetration testing, including Web Application Assessments and Social Engineering.
  • Briefs executive summary and findings to stakeholders to include Sr. Leadership
  • Have an understanding of how to create unique exploit code, bypass AV and mimic adversarial threats.
  • Assesses the current state of the customer’s network security by identifying all vulnerabilities and security measures. 
  • Helps customer perform analysis and mitigation of security vulnerabilities.
  • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption.
  • Provided incident reporting and response capability

#CSOSFeaturedArticle

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training, and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs, and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.','industry