Sr. Red Team Penetration Tester

Washington, District Of Columbia 20016

Post Date: 03/02/2018 Job ID: 27873 Industry: Information Technology

Kavaliro is looking for a Sr. Red Team Penetration Tester to work with our client in the Washington DC metro area.  This is an immediate need!

 

Description: 

The Penetration Tester will have experience performing hands-on penetration testing, security test planning, and vulnerability analysis; focusing on automated and manual exploitation of applications, networks, and system level designs and implementations. This position requires a strong ethical hacking mindset with proven professional experience in assessing diverse network and system architectures in a comprehensive manner.  Experience and detailed technical knowledge in information security engineering, secure architecture development, system and network security, authentication and security protocols, applied cryptography, and application security is essential. 

Required Skills/Qualifications: 
  • Knowledge of vulnerability management and scanning best practices. This should include knowledge of the CVE database and the CVS System used for scoring vulnerabilities.
  • Experience with Unix (preferably Red Hat) administration skills.
  • The individual should be comfortable with all forms of daily server administration.
  • Experience with Windows server administration.
  • Knowledge and experience in basic web application configuration in particular experience with the Linux, Apache, MySQL, PHP (LAMP) stack.
  • Knowledge of and experience in performing application assessments.

 
Desired Skills:
  • Overall 3+ years of Information Security experience.
  • At least 1 year experience performing application security assessments.
  • 2+ years Red Team experience.
  • Offensive pen testing experience.
  • Knowledge of the Windows and *NIX operating systems to include boot process through understanding of the execution flow of boot time processes.
  • Knowledge of software exploitation (web, client-server, mobile, and wireless) on modern operating systems.
  • Familiarization with XSS, SSJS, filter bypassing, SQL Injection, etc.
  • Familiarity with interpreting log output from networking devices, operating systems and infrastructure services.
  • Familiarity with common reconnaissance, exploitation, and post exploitation frameworks.

 
Minimum Education and Certifications
  • Bachelor’ s degree highly desirable.
  • The following certifications OSCP, is preferred
Apply Online

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs: