5866916 |
Penetration Tester |
Yakshna Solutions, Inc., (YSI) is a CMMI Level 3 assessed, ISO 9001, 20000:1, 27001 certified, woman-owned small business enterprises, headquartered in Herndon, Virginia, USA. YSI provides professional IT solutions and services to business corporations and government organizations. YSI is committed to serve its business communities as a leading IT vendor providing innovative, quality, and cost-effective IT business solutions and services.
We offer a competitive benefits package that includes the following: 401(k), health, dental, and vision insurance, Life insurance, short-term and long-term disability insurance, paid time off, training, and professional development assistance.
YSI is seeking a highly qualified Penetration Tester. The selected candidate will be able to communicate effectively (written/verbal), possess strong interpersonal skills, be self-motivated, and be innovative in a fast-paced environment.
Functional Responsibilities:
- Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
- Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
Minimum Education/Experience:
- Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
- Ability to apply programming language structures (e.g., source code review) and logic.
- Ability to share meaningful insights about the context of an organization’s threat environment that improves its risk management posture.
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Skill in assessing the robustness of security systems and designs.
- Skill in detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
- Skill in mimicking threat behaviors.
- Skill in the use of penetration testing tools and techniques.\Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
- Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
- Skill in reviewing logs to identify evidence of past intrusions.
- Skill in conducting application vulnerability assessments.
- Skill in performing impact/risk assessments.
- Skill to develop insights about the context of an organization’s threat environment
- Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Certifications: NICCS Cybersecurity Certifications.
YSI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
|