Address
Form of workAbout SIXGEN
Mission Overview
SIXGEN supports cyber and intelligence missions by serving government and commercial organizations as they overcome global cybersecurity challenges. Our highly skilled operators conduct research and assessments based on real-world threats. We simulate adversaries and malicious actors to report details and actionable findings on critical assets and infrastructures. Our program planners advise mission owners to bring rapid solutions to intelligence mission leaders. Using innovative processes, tools, and techniques, we predict and overcome cybersecurity vulnerabilities. Our successes are supported by our diverse team of experienced, technical talent. SIXGEN is growing our support to mission by adding an ambitious Senior Web Application Penetration Tester to our team. SIXGEN, Inc. is an Equal Opportunity/Veterans/Disabled Employer.
At-a-Glance Benefits Information
Mission Overview
SIXGEN supports cyber and intelligence missions by serving government and commercial organizations as they overcome global cybersecurity challenges. Our highly skilled operators conduct research and assessments based on real-world threats. We simulate adversaries and malicious actors to report details and actionable findings on critical assets and infrastructures. Our program planners advise mission owners to bring rapid solutions to intelligence mission leaders. Using innovative processes, tools, and techniques, we predict and overcome cybersecurity vulnerabilities. Our successes are supported by our diverse team of experienced, technical talent. SIXGEN is growing our support to mission by adding an ambitious Senior Web Application Penetration Tester to our team. SIXGEN, Inc. is an Equal Opportunity/Veterans/Disabled Employer.
At-a-Glance Benefits Information
- SIXGEN pays 100% of health insurance premiums (medical, dental, vision)
- 401K with a direct employer contribution of 4% of salary
- Company-provided short/long term disability insurance and basic life/AD&D insurance
- Professional development available (training, certification, education, etc)
- Paid Time Off (PTO) at a rate of three (3) weeks plus one (1) day per year of service up to four (4) weeks annually
- 11 paid holidays per calendar year
- and more
About the Role
At-a-Glance Job Information
Job Title:Senior Web Application Penetration Tester
Job Location: Arlington, VA
Clearance Requirement: Must or ability to obtain Secret Clearance
Experience Requirement: Minimum 5 years relevant experience and one of the following certifications: OSCP, OSCE, GPEN, GXPN, GWAPT, OSWE or equivalent
Remote Status: Hybrid
Education Requirement: n/a
Description of Duties
As a Senior Web Application Penetration Tester, you will be challenged to perform endpoint discovery, open source research, Web Application enumeration, and novel vulnerability analysis/exploitation. This is much more than Burp scans; operators routinely develop custom tooling (in languages such as PHP, Java, and Python) and achieve a deep understanding of target infrastructure/technology in exploitation paths. The assessments are usually a long haul and great for advanced bug bounty hunters who enjoy getting deep in the weeds. Some cloud/Active Directory experience is a plus for post exploitation activities.
Requirements
At-a-Glance Job Information
Job Title:Senior Web Application Penetration Tester
Job Location: Arlington, VA
Clearance Requirement: Must or ability to obtain Secret Clearance
Experience Requirement: Minimum 5 years relevant experience and one of the following certifications: OSCP, OSCE, GPEN, GXPN, GWAPT, OSWE or equivalent
Remote Status: Hybrid
Education Requirement: n/a
Description of Duties
As a Senior Web Application Penetration Tester, you will be challenged to perform endpoint discovery, open source research, Web Application enumeration, and novel vulnerability analysis/exploitation. This is much more than Burp scans; operators routinely develop custom tooling (in languages such as PHP, Java, and Python) and achieve a deep understanding of target infrastructure/technology in exploitation paths. The assessments are usually a long haul and great for advanced bug bounty hunters who enjoy getting deep in the weeds. Some cloud/Active Directory experience is a plus for post exploitation activities.
Requirements
- Ability to participate in cybersecurity control testing engagements for the customer's network, websites, apps and cloud technologies
- Must have experience in Web Application Penetration testing
- Knowledge of FISMA and NIST 800 series standards
- Experience in network mapping, vulnerability scanning, and penetration and Web Application testing
- Experience using approved test protocols and procedures to conduct network and application-level penetration tests
- Experience attending client meetings, recording internal and technical client interviews and preserving the contents of reports and memoranda
- Proficiency in using scanning tools like Nessus and NMap, as well as penetration tools like the Kali Linux suite, Burpsuite and metasploit
- Must be willing to travel as needed
- Must be able to obtain Secret Clearance
Desired Skills
- Bug Bounty Experience
- Script writing and crafting of payloads
- Great leadership and communication skills
- Ability and willingness to help others
Go back to the job list
