View all jobs

Quality Engineer (Penetration Testing)

McLean, VA

We are seeking a penetration test engineer who is passionately dedicated to the mission-critical nature of this role. In addition to performing and overseeing all penetration tests and vulnerability assessments, you will be responsible for growing our technical capabilities and an active developer on our high-profile security projects.  

Your Focus 

  • Perform threat analysis on new and existing system functionality 
  • Manage all security penetration tests and vulnerability assessments 
  • Develop new exploitation and/or security analysis tools  
  • Create new, improve upon and revamp assessment and exploitation methodologies and processes to further expand MSTR security measures 
  • Oversee the performance of penetration testing, red teaming, and vulnerability assessment in various environments daily. 
  • Oversee and execute exploitation testing and research using commercial, open source, and custom tools. 
  • Act as the primary source for the identification of external threats by monitoring reliable web sources, services such as CERTS, etc. 
  • Mentor and coach security assessment team and software development staff to ensure the successful consideration of security concerns in the completion delivery of all projects and products 
  • Maintain knowledge on state-of-the-art security technology through attendance at conferences, participation in forums, and the publication of technical papers and/or web-based media  

You should bring the following: 

  • 3-5 years Penetration Testing, Vulnerability Assessments, Offensive security assessments 
  • 3-5 years Vulnerability and Risk Management Services, networking, and information system 
  • Bachelor’s degree in Computer Science, Information Systems Management, Engineering, or related programs  
  • Familiarity with Network protocols, data flows and vulnerabilities.  Experience with Wireshark and related tools 
  • Experience with scripting and programming languages, such as Perl, Python, Ruby, PowerShell, PHP, Bash, etc. 
  • Active Directory, Identity Management, and Single Sign On solutions (i.e., SiteMinder, Ping Identity) 
  • Understanding and knowledge of enterprise-level appliances and software to safeguard corporate networking assets  
  • Malware Internals and Execution  
  • Load balancing/Acceleration solutions (I.e., Citrix, Cisco WAAS, F5 & Riverbed) 
  • Familiarity with Cloud architecture/environments is a plus 

Share This Job

Powered by