Address
Form of workWe have an exciting opportunity for a Penetration Testerto join our team. As a trusted Penetration Tester, you will support our customer's Vulnerability Management & Assessments (VMA) program. The resource will be supporting Penetration Testing (PEN) and will be working with the RISK: (VMA) Team, and will be responsible for working in a team environment to conduct research/analysis of current and emerging Cyber Threats. Will define requirements, test concepts, test equipment, develop data collection requirements for tests. This is an onsite role; candidates must be local to the Raleigh, NC area.
Required Experience/Skills:
• 4 years related work experience or eight years related work experience post high school
• 3 years' experience in information systems programming
• 3 years' experience in systems specification or structured analysis
• 3 years' experience with project or process management
• Highly skilled in web application testing, API testing, and network testing
• Prior experience with Burp Suite Professional, or other similar DAST tools
• Experience with Kali Linux and most of the tools available in the distro for penetration testing
• Experience with tools such as Metasploit Pro and Cobalt Strike for red team operations
• Experience with Red Team engagements from planning to execution
• Experience with phishing network users to gain access for lateral movement on the network
• Experience with Purple Team engagements to test monitoring controls in coordination with engineering teams and CSOC teams.
• Proficiency in scripting, such as Python and/or Powershell
• Experience with penetration testing supporting PCI-DSS
• Technical writing skills, along with ease in communicating concepts related to security vulnerabilities and attack path scenarios.
• Familiar with OWASP Application Security Verification Standard (ASVS) and MITRE ATT&CK framework
• May provide supervisory, technical, and administrative direction for personnel performing system development tasks, including the review of work products for correctness, adherence to the design concept and to user standards, and for progress in accordance with schedules.
• Formulates statements of management, scientific and business problems, and devises procedures for solutions of problems.
• One or more of the following Penetration testing certification recommended. Acceptable certifications:
o Offensive Security Certified Professional (OCSP)
o Global Information Assurance Certification (GIAC) Certifications
§ GIAC Certified Penetration Tester (GPEN)
§ GIAC Web Application Penetration Tester (GWAPT)
§ GIAC Exploit Researcher and Advanced Penetration Tester (GXPN))
• One or more required:
o CompTIA Security CE
o CPTE - Certified Penetration Testing Engineer
o CEH - Certified Ethical Hacker
o Certified Information System Security Professional (CISSP)
Other Requirements:
• Candidates must either be US Citizens or Permanent Residents
• Candidates must have resided in the United States for the past 5 years
• Candidates must not have traveled outside of the United States for a combined total of 6 months or greater in the past 5 years
• This position requires successful completion of a background check, drug screen, and a credit check.
Education: Must possess a minimum of a Bachelors Degree in Computer Science, Information Technology or Information Security (Masters Degree preferred).
Benefits: Full-time employees (permanent or contract employees who are employed for a term greater than 6 months) are eligible for benefits including time-off benefits, such as vacations and holidays, and insurance and other plan benefits.
Location: Morrisville, NC
About Us:
Bay State Computers, Inc. is a professional services firm and a leading provider of Information Technology (IT) services and products to the U.S. Federal Government and Industry. Bay State brings together experienced IT professionals and the latest state-of-the-art technology tools, practices, and products to support projects and task order requirements for our customers. For more information about Bay State visit our website and connect with us on LinkedIn .
Bay State Computers, Inc. is an Equal Opportunity/Affirmative Action Employer. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, or any other characteristic protected by applicable law.
