Virginia Jobs
Virginia Jobs is hiring: Security and Penetration Tester, Position No. in Richmo
Virginia Jobs, Richmond, VA, US, 23214
Title: Security and Penetration Tester, Position No. 04311
 
State Role Title:Info Technology Specialist III
 
Hiring Range: $104,720 - $120,428
 
Pay Band: 6
 
Agency: Department of Motor Vehicles
 
Location:Department of Motor Vehicles
 
Agency Website:www.dmv.virginia.gov
 
Recruitment Type: General Public - G
 
Job Duties
 
The Virginia Department of Motor Vehicles is hiring for a Security & Penetration Tester for a position with its Information Security and Risk Management administration in Richmond, VA.
The Security & Penetration Tester is responsible for overseeing and executing the agency's security testing program, with a focus on assessing the security of new and existing applications, systems, and technologies. This role plans, directs and performs penetration testing, vulnerability assessments, and red team exercises to assess and identify security vulnerabilities of networks, applications and systems. It establishes documents testing methodologies and standards, ensures compliance with organizational and regulatory security requirements, and collaborates with internal and external stakeholders to validate and track remediation efforts; evaluates findings and performs root cause analysis to identify weaknesses, misconfiguration, or other flaws in the environment that could lead to security compromises. It documents testing results and presents suggestions for the development of countermeasures, security improvements, and mitigation strategies. Utilizes a variety of assessment tools, such as Nmap, BurpSuite, Kali Linux and scripting languages like Bash, Python, Perl, or Ruby. Familiar with red team testing protocols and cybersecurity frameworks like OWASP, OSSTMM and PTES. Stays up to date with the latest security threats, techniques, and tools to continuously improve penetration testing methodologies.
 
In addition to providing technical expertise, this position communicates risk posture to management, advises on secure design, development, and mitigation strategies, and mentors staff to strengthen the agency's overall security capabilities.
The Virginia Department of Motor Vehicles (DMV), headquartered in Richmond, Virginia, serves approximately 6.2 million licensed drivers and ID card holders with over 8.4 million registered vehicles. In addition,DMVserves a wide array of businesses, including dealers, fuels tax customers, rental companies, driving schools, other state agencies, local governments, and non-profit organizations.DMVoperates upon five fundamental core values: Trustworthiness, Respect, Accountability, Integrity, and Teamwork (TRAIT). We don't just talk about our core values, we live them!
Minimum Qualifications
 
•Extensive experience with hands-on penetration testing and vulnerability assessment
•Proven background in using testing tools, conducting network, application and cloud penetration tests, manual testing and exploitation.
•Experience in secure code review and static/dynamic application security testing, Red Teaming or adversary emulation exercises.
•Experience leading testing projects, writing reports for executives and coordinating remediation with technical staff.
Additional Considerations
 
Preferred possession of, or documented course enrollment with an endorsed application for, certification for CEH, OSCP, OSWE, OSEP, OSED, GPEN and/or GWAPT
 
Special Instructions
 
You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
 
Selected candidate(s) must complete the I-9 Employment Eligibility Verification Form. DMV participates in E-Verify.
 
All applicants for employment must consent to a background check. Selected candidates must consent to a fingerprint-based criminal history check, driver record check, and background investigation, if applicable.
 
As a condition of employment, the DMV will be alerted of any convictions for moving violations, including license suspension.
 
Submission of an online application is required. DMV does not accept applications, resumes, cover letters, etc., in any other format. When applying for jobs, please ensure your online application or resume is complete with duties and skills associated with your work experience and years of experience to properly assess your skills in the screening process. Candidates are evaluated based on information provided in the application materials. Missing information cannot be assumed.
 
Contact Information
 
Name: DMV Employment
 
Phone: 804-367-0528
 
Email: employment@dmv.virginia.gov
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at 800-552-5019.
 
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.
State Role Title:Info Technology Specialist III
Hiring Range: $104,720 - $120,428
Pay Band: 6
Agency: Department of Motor Vehicles
Location:Department of Motor Vehicles
Agency Website:www.dmv.virginia.gov
Recruitment Type: General Public - G
Job Duties
The Virginia Department of Motor Vehicles is hiring for a Security & Penetration Tester for a position with its Information Security and Risk Management administration in Richmond, VA.
The Security & Penetration Tester is responsible for overseeing and executing the agency's security testing program, with a focus on assessing the security of new and existing applications, systems, and technologies. This role plans, directs and performs penetration testing, vulnerability assessments, and red team exercises to assess and identify security vulnerabilities of networks, applications and systems. It establishes documents testing methodologies and standards, ensures compliance with organizational and regulatory security requirements, and collaborates with internal and external stakeholders to validate and track remediation efforts; evaluates findings and performs root cause analysis to identify weaknesses, misconfiguration, or other flaws in the environment that could lead to security compromises. It documents testing results and presents suggestions for the development of countermeasures, security improvements, and mitigation strategies. Utilizes a variety of assessment tools, such as Nmap, BurpSuite, Kali Linux and scripting languages like Bash, Python, Perl, or Ruby. Familiar with red team testing protocols and cybersecurity frameworks like OWASP, OSSTMM and PTES. Stays up to date with the latest security threats, techniques, and tools to continuously improve penetration testing methodologies.
In addition to providing technical expertise, this position communicates risk posture to management, advises on secure design, development, and mitigation strategies, and mentors staff to strengthen the agency's overall security capabilities.
The Virginia Department of Motor Vehicles (DMV), headquartered in Richmond, Virginia, serves approximately 6.2 million licensed drivers and ID card holders with over 8.4 million registered vehicles. In addition,DMVserves a wide array of businesses, including dealers, fuels tax customers, rental companies, driving schools, other state agencies, local governments, and non-profit organizations.DMVoperates upon five fundamental core values: Trustworthiness, Respect, Accountability, Integrity, and Teamwork (TRAIT). We don't just talk about our core values, we live them!
Minimum Qualifications
•Extensive experience with hands-on penetration testing and vulnerability assessment
•Proven background in using testing tools, conducting network, application and cloud penetration tests, manual testing and exploitation.
•Experience in secure code review and static/dynamic application security testing, Red Teaming or adversary emulation exercises.
•Experience leading testing projects, writing reports for executives and coordinating remediation with technical staff.
Additional Considerations
Preferred possession of, or documented course enrollment with an endorsed application for, certification for CEH, OSCP, OSWE, OSEP, OSED, GPEN and/or GWAPT
Special Instructions
You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
Selected candidate(s) must complete the I-9 Employment Eligibility Verification Form. DMV participates in E-Verify.
All applicants for employment must consent to a background check. Selected candidates must consent to a fingerprint-based criminal history check, driver record check, and background investigation, if applicable.
As a condition of employment, the DMV will be alerted of any convictions for moving violations, including license suspension.
Submission of an online application is required. DMV does not accept applications, resumes, cover letters, etc., in any other format. When applying for jobs, please ensure your online application or resume is complete with duties and skills associated with your work experience and years of experience to properly assess your skills in the screening process. Candidates are evaluated based on information provided in the application materials. Missing information cannot be assumed.
Contact Information
Name: DMV Employment
Phone: 804-367-0528
Email: employment@dmv.virginia.gov
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at 800-552-5019.
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022- February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.