Paragon Technology Group

  • Penetration Tester - Cyber Security

    Job Location US-MN-Eagan
    ID
    2019-1739
  • Overview

    Paragon Technology Group, Inc. is a leading provider of strategic technology solutions to the public sector. Founded in 1997, Paragon has been recognized as one of the top 50 fastest growing companies in the Washington, D.C., Metro area. Paragon delivers an extensive suite of IT services across the public sector and is renowned for delivering technical excellence in every client engagement.

    Responsibilities

    We are currently searching for a Penetration Tester to join our cyber team in support of the USPS. The successful candiate will be able to plan, communicate, coordinate and conduct penetration tests and security assessments for applications, systems and enterprise networks.

     

    Job responsibilities:

    • Plan, communicate, coordinate and perform penetration testing, application testing, and security assessments at application, system and enterprise level
    • Develop Rules of Engagement, scoping documents and reports
    • Perform manual penetration tests and validation of vulnerability scan results
    • Develops automation/scripts for replicating vulnerability validation and penetration tests
    • Devises plans and scenarios for various types of penetration tests
    • Documents vulnerabilities, relevant exploits, and remediations in final vulnerability assessment report
    • Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities
    • Contributes to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk
    • Selects, installs, and configures security testing platforms and tools or develop tools and procedures for penetration tests
    • Performs penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.)
    • Performs off-hours work as necessary

    Qualifications

    Required Skills:

    • Bachelor’s Degree in related field. Or in lieu of degree, equivalent experience in military, civil, or corporate areas will be considered.
    • 3-5 years of penetration testing experience is required
    • 4+ years of network or system security
    • Experience with web and mobile applications, databases, operating systems
    • Experience in penetration testing large and complex enterprise networks
    • Experience with utilizing penetration testing framework such as OWASP or Mitre Att&ck Framework.
    • Experience with regulatory compliance, policy development, and policy enforcement
    • Experience with FISMA / PCI-DSS compliance, ISO 27000 / NIST SP 800 Frameworks
    • Excellent communication and interpersonal skills
    • Hands-on OS configuration/administration experience
    • Programming experience with focus on penetration testing or process automation
    • Experience with the following technologies:
      o Kali Linux
      o Metasploit
      o Nmap
      o Burp Suite
    • Must be able to obtain a Government Sensitive Clearance (US Citizenship or Permanent Residence/Green Card status required). Must not have travelled outside of the US for a combined period of 6 months (or longer) within the last 5 years.

    Desired Skills:
    • Experience with cyber security development projects and programs for U.S. Government and/or commercial clients
    • Experience with process development and deployment
    • Experience with the following technologies:
    o Nessus
    o Tenable SecurityCenter
    o HP Fortify
    o IBM AppScan
    o WebInspect
    • Experience with three or more of the following:
    o Security COTS integration
    o Operating System Hardening
    o Vulnerability Assessment testing
    o Identification and Authentication schemes
    o Public Key Infrastructure and Identity Management
    o Cross Domain Solutions
    o Reverse Engineering
    o Security engineering
    o Mobile Technologies
    o Cloud Computing
    • Excellent writing skills

     

    Desired Certifications (one or more):
    o OSCP,
    o CISSP,
    o SANS GCIH/GPEN/GWAPT
    o CEH preferred.

     

     

    Paragon is an Equal Opportunity Employer and does not discriminate in employment opportunities or practices on the basis of: race, color, religion, gender, national origin, age, sexual orientation, gender identity, disability, veteran status, or any other characteristic protected by country, regional, or local law.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed