NIH - Penetration Tester

cFocus Software Incorporated

Bethesda, MD(remote)

JOB DETAILS
JOB TYPE
Full-time
SKILLS
Applications Security, Background Investigation, CISSP - Certified Information Systems Security Professional, Cloud Computing, Computer Science, Computer Security, Documentation, GPEN - GIAC Penetration Tester, Industry Standards, Information Technology & Information Systems, Internet Application, Internet Security, Microsoft Active Directory, National Institutes of Health (NIH), Network Security, Network Testing, Penetration Testing, Position of Public Trust, Security Analysis, Security Attacks, Software Testing, Systems Analysis, Technical Support, Technical Writing, Test Plan/Schedule, Testing, Wireless Security
LOCATION
Bethesda, MD
POSTED
Today
cFocus Software seeks a Penetration Tester to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 5+ years of experience conducting penetration testing or offensive cybersecurity operations.
  • Experience performing enterprise penetration testing.
  • Experience with network and application security assessments.
  • Experience documenting technical security findings.
  • Ability to obtain and maintain NIH suitability/background investigation.
  • Active OSCP, OSEP, GPEN, GXPN, CEH, PenTest+, or CISSP

Duties:
  • Conduct enterprise penetration testing activities including:
    • Perform internal and external network penetration testing.
    • Conduct web application penetration testing.
    • Execute infrastructure security testing.
    • Perform cloud penetration testing.
    • Conduct operating system security assessments.
    • Perform wireless security testing.
    • Assess Active Directory security.
    • Conduct application security testing.
    • Simulate real-world cyberattacks using industry-standard offensive security methodologies.
    • Perform controlled exploitation activities to identify security weaknesses.
    • Validate effectiveness of implemented security controls.
    • Identify attack paths and privilege escalation opportunities.
    • Document technical findings and supporting evidence.
  • Prepare comprehensive penetration testing plans
  • Provide Red Team Support

Powered by JazzHR

About the Company

c

cFocus Software Incorporated