Unisity, LLC
Lead Penetration Tester
Unisity, LLC is a Service-Disabled Veteran Owned Small Business providing expert services in the Information Technology fields. We pride ourselves on delivering what is promised, as some would say we "just do". We are highly-qualified, self-driven professionals who work towards a common goal as a team, leading when appropriate and following when needed.
Description Lead Penetration Tester is needed to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology on a large, complex program that provides system engineering, development, test, integration and operational support. The selected individual will work on a team of cyber Subject Matter Experts (SMEs) who are providing support to a large, complex technical program for preventing, identifying, containing and eradicating cyber threats to networks through monitoring, intrusion detection, and protective security services on information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connections, public facing websites, security devices, servers and workstations. She/he will be responsible for the overall security of Enterprise-wide information systems, and will collect, investigate, and report any suspected and confirmed security violations.
Due to federal contract requirements, United States Citizenship and position appropriate security clearance is required. (e.g. Active TS/SCI security clearance with customer appropriate polygraph).
Primary Responsibilities
Perform internal and external pentests against systems to determine vulnerabilities and develop mitigation strategies.
Perform web app pentests.
Perform vulnerability risk assessments.
Perform physical pentests and social engineering analysis.
Perform cyber incident response as needed.
Evaluate the impact of new development on the operational security posture of IT systems.
Evaluate, review, and test critical software.
Formulate security compliance requirements for new system features.
Identify and remediate security issues throughout the system.
Audit and assess system security configuration settings using common methodologies and tools.
Work with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors, and remediation approaches.
Work closely with System Engineering, Test Engineering, and Integration teams to ensure hardware and software architecture and implementations meet strict security requirements.
Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
Serve as a Subject Matter Expert in security architecture, to include providing advice to Program Managers, Customer technical experts, and internal program teams.
Basic Qualifications
Must have experience with penetration testing tools.
Must have experience in web development and programming languages such as Java, XML, Perl and HTML.
Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc.
Must have extensive experience performing IT security risk assessments.
Must have experience performing web app and physical pentests.
Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective.
Must have experience with or strong familiarity of Kali.
Must have experience with or strong familiarity of IPS/IDS solutions.
Must have a strong understanding of the Cyber Kill Chain methodology.
Must have experience applying Risk Management Framework.
Must have experience with secure configurations of commonly used desktop and server operating systems.
Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration.
Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues.
Preferred Qualifications
Bachelor's degree in a technical/information assurance field and at least 12 years of relevant experience.
Certifications in one or more of the following areas strongly preferred:
GIAC Web Applications Penetration Tester (GWAPT)
GIAC Penetration Tester (GPEN)
Certified Ethical Hacker (CEH)
Certified Information Security Manager (CISM)
Certified Web Application Defender (GWEB)
Certified Information System Security Professional (CISSP)
Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation.
Salary Range: $210,000 - $220,000 (Annually)
Annual Compensation Figures listed for this position serve as a general guideline and are not a guarantee of compensation. Compensation will vary dependent upon factors including but not limited to: Government contract rates; education; relevant prior work experience, knowledge, skills, and competencies; certifications, and geographic location.
Benefits Package Unisity, LLC believes in generously supporting employees as they prepare for retirement. The company automatically contributes an additional 12% of each employee's gross compensation to the company 401k plan, with no requirement for employee matching. All contributions are fully vested from day one, ensuring immediate ownership of retirement funds.
Full-time employees have the option to participate in a variety of voluntary benefit plans including:
A Choice of Medical Plan Options, some with Health Savings Account (HSA)
Vision and Dental
Unisity, LLC provides an additional 12% of employee's gross compensation to be used for benefits, any remaining funds are then forwarded to the employee as taxable income
Life and AD&D Benefits (Company Paid)
Short and Long-Term Disability (Company Paid)
Equal Opportunity Employer Unisity, LLC is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Affirmative Action Statement Unisity, LLC is committed to the principles of affirmative action in all hiring and employment for minorities, women, individuals with disabilities, and protected veterans.
Accommodations Unisity, LLC is committed to providing an inclusive and accessible hiring process. If you need any accommodations during the application or interview process, please contact us at staffing@unisity.tech. We are happy to provide reasonable accommodations to ensure equal access to all candidates.
#J-18808-Ljbffr
Description Lead Penetration Tester is needed to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology on a large, complex program that provides system engineering, development, test, integration and operational support. The selected individual will work on a team of cyber Subject Matter Experts (SMEs) who are providing support to a large, complex technical program for preventing, identifying, containing and eradicating cyber threats to networks through monitoring, intrusion detection, and protective security services on information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connections, public facing websites, security devices, servers and workstations. She/he will be responsible for the overall security of Enterprise-wide information systems, and will collect, investigate, and report any suspected and confirmed security violations.
Due to federal contract requirements, United States Citizenship and position appropriate security clearance is required. (e.g. Active TS/SCI security clearance with customer appropriate polygraph).
Primary Responsibilities
Perform internal and external pentests against systems to determine vulnerabilities and develop mitigation strategies.
Perform web app pentests.
Perform vulnerability risk assessments.
Perform physical pentests and social engineering analysis.
Perform cyber incident response as needed.
Evaluate the impact of new development on the operational security posture of IT systems.
Evaluate, review, and test critical software.
Formulate security compliance requirements for new system features.
Identify and remediate security issues throughout the system.
Audit and assess system security configuration settings using common methodologies and tools.
Work with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors, and remediation approaches.
Work closely with System Engineering, Test Engineering, and Integration teams to ensure hardware and software architecture and implementations meet strict security requirements.
Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
Serve as a Subject Matter Expert in security architecture, to include providing advice to Program Managers, Customer technical experts, and internal program teams.
Basic Qualifications
Must have experience with penetration testing tools.
Must have experience in web development and programming languages such as Java, XML, Perl and HTML.
Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc.
Must have extensive experience performing IT security risk assessments.
Must have experience performing web app and physical pentests.
Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective.
Must have experience with or strong familiarity of Kali.
Must have experience with or strong familiarity of IPS/IDS solutions.
Must have a strong understanding of the Cyber Kill Chain methodology.
Must have experience applying Risk Management Framework.
Must have experience with secure configurations of commonly used desktop and server operating systems.
Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration.
Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues.
Preferred Qualifications
Bachelor's degree in a technical/information assurance field and at least 12 years of relevant experience.
Certifications in one or more of the following areas strongly preferred:
GIAC Web Applications Penetration Tester (GWAPT)
GIAC Penetration Tester (GPEN)
Certified Ethical Hacker (CEH)
Certified Information Security Manager (CISM)
Certified Web Application Defender (GWEB)
Certified Information System Security Professional (CISSP)
Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.
Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation.
Salary Range: $210,000 - $220,000 (Annually)
Annual Compensation Figures listed for this position serve as a general guideline and are not a guarantee of compensation. Compensation will vary dependent upon factors including but not limited to: Government contract rates; education; relevant prior work experience, knowledge, skills, and competencies; certifications, and geographic location.
Benefits Package Unisity, LLC believes in generously supporting employees as they prepare for retirement. The company automatically contributes an additional 12% of each employee's gross compensation to the company 401k plan, with no requirement for employee matching. All contributions are fully vested from day one, ensuring immediate ownership of retirement funds.
Full-time employees have the option to participate in a variety of voluntary benefit plans including:
A Choice of Medical Plan Options, some with Health Savings Account (HSA)
Vision and Dental
Unisity, LLC provides an additional 12% of employee's gross compensation to be used for benefits, any remaining funds are then forwarded to the employee as taxable income
Life and AD&D Benefits (Company Paid)
Short and Long-Term Disability (Company Paid)
Equal Opportunity Employer Unisity, LLC is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Affirmative Action Statement Unisity, LLC is committed to the principles of affirmative action in all hiring and employment for minorities, women, individuals with disabilities, and protected veterans.
Accommodations Unisity, LLC is committed to providing an inclusive and accessible hiring process. If you need any accommodations during the application or interview process, please contact us at staffing@unisity.tech. We are happy to provide reasonable accommodations to ensure equal access to all candidates.
#J-18808-Ljbffr