Vulnerability Assessment Analyst And Penetration Tester

Vulnerability Assessment Analyst and Penetration Tester

WHO WE ARE:

STAHL Companies provides the Program Management for its Channel of Commercial Technology companies in Government that consist of Small Businesses and New Technology start-ups.

STAHL advocates for policies that can improve government services and maintain our government's competitive advantage, by bringing more technology into government programs.

STAHL Companies advocates on behalf of our nation's innovative, new technology and small businesses looking to work with the U.S. government. We do this by aligning the voice of our small business members with advocacy for change in federal policy that will make the government market more accessible to small businesses and the commercial technology ecosystem.

The Channel's founding Technical Board Members include former government leaders and IT executives passionate about bringing best-of-breed technology to the government.

We are seeking a skilled and experienced Vulnerability Assessment Analyst and Penetration Tester to join our team!

Successful Stahl Companies employees possess the following traits:

An ability to get things done: You are persistent, resourceful, results-oriented, and action-oriented. You constantly plan ahead and foresee issues before they occur.

Analytical: In order to improve your comprehension of the market and the demands and problems of your clients, you have good analytical abilities and are at ease reading quantitative data.

Creative mind-set: You are able to solve problems creatively and swiftly adjust. You possess a thorough understanding of product management principles and the ability to apply them when analysing data and making recommendations.

Emotional Intelligence: You have a strong sense of self and excellent perception of how important relationships function. You are upbeat, sympathetic, adaptable, and inquisitive. Your genuineness, warmth, and competence help you win the respect of your co-workers.

Trustworthy: You have a strong sense of morality, principles, and purpose. You are trustworthy because of how you conduct yourself. You are a living example of the company's values.

Responsibilities:

• Lead security assessments and Penetration testing projects.
• Identify and exploit vulnerabilities to quantify risk to an organization.
• Conduct and lead advanced penetration testing of networks, systems, and applications.
• Identify and exploit vulnerabilities in corporate infrastructure.
• Develop and deliver reports and presentations.
• Solve complex technology problems.
• Developing and building Vulnerability Assessment Analyst and Penetration tools.
• Identify and influence response to and mitigation of threats.
• Perform manual assessment of systems, services and software; specializing security issues beyond those identified by static analysis tools.
• Ensures services, applications, and websites are designed and implemented to the highest security standards.
• Responsible for application and/or hardware penetration testing, automating repetitive tasks using various scripting languages, mentoring and leading other engineers to deliver complex penetration tests and Vulnerability Assessments.
• Drive automation, tooling, efficiency and advance the teams penetration testing capabilities.
• Create threat mitigation plans.
• Provide mentorship and collaborate with other team members on testing and exploitation efforts.
• Write comprehensive reports detailing findings and recommendations for remediation.
• Stay up to date with the latest vulnerabilities, exploits, and offensive techniques.
• Use COTS tools to conduct Vulnerability Assessmentsand Penetration testing.
• Identify exploitable vulnerabilities, and verify vulnerabilities through manual assessment
• Develop and deliver training and presentations on penetration testing and vulnerability management.

Qualifications:

Minimum Position Requirements:

• Five years of “hands-on” Penetration Testing Experience with operating systems, web applications, and network infrastructure.
• Administrator-level knowledge of Windows and Linux Server Operating Systems.
• Experience with operating system security.
• Competent with testing frameworks and tools such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire.
• Knowledge of the functionality and capabilities of computer network defense technologies, including Router ACLs, firewalls, IDS/IPS, antivirus/EDR, and web content filtering.
• Strong written and verbal communication skills, including the ability to explain complex technical topics to non-technical audiences.
• Possess one of the following certifications: OSCP, OSWP, GWAPT, GPEN, CEH, CISM, GWEB, CISSP, or equivalent.

Desired Position Qualifications:

• Bachelor’s Degree in Computer Science, Information Technology, Engineering, or related field.
• Ten years of “hands-on” Penetration Testing Experience with operating systems, web applications, and network infrastructure.

*Position is contingent upon award.