Sr. Penetration Tester

Independently performs penetration testing of applications, systems and enclaves Identifies security flaws in computing platforms and applications and devise strategies and techniques to mitigate identified cybersecurity risks.

• Performs application and network penetration testing and wireless security assessments.
• Applies offensive cybersecurity testing techniques, coordinate testing projects with internal and external system owners.
• Reports the nature of identified cybersecurity risks and recommends risk mitigation measures to improve the cybersecurity posture of the enterprise.
• Must have the ability to communicate accurate information, Employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential. Amyx is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. EOE Minority/Female/Veteran/Disabled. Amyx is an E-Verify employer.

• Six (6) years proven proficiency in performing extensive vulnerability assessment and penetration testing.
• Three (3) years of experience with testing tools, including NESSUS, METASPLOIT, CANVAS, NMAP, Burp Suite, and Kismet
• Three (3) years of experience with network vulnerability assessments and penetration testing methods
• Three (3) years of experience with writing testing assessment reports
• Two (2) ySears of experience with using, administering, and troubleshooting a WINDOWS Server, IIS
• Knowledge of TCP/IP protocols and networking architectures
• Two (2) years of experience with using, administering, and troubleshooting a major version of Linux.
• Two (2) years of experience PCI DSS testing
• Possess a certification in penetration testing, such as:

• Licensed Penetration Tester (LPT)
• Certified Expert Penetration Tester (CEPT)
• Certified Ethical Hacker (CEH)
• Global Information Assurance Certification Penetration Tester (GPEN)

• Excellent written documentation and oral presentation skills
• Knowledge of open security testing standards and projects, including OWASP
• Knowledge of database, applications, and Web server design and implementation
• Experience scripting in Perl, Python, Ruby, Bash, or Java
• Experience with wireless LAN security testing
• Possess oral and written communication skills.
• Required to possess a DOD SECRET Clearance and be eligible for an IT-I Critical Sensitive security clearance or Tier 5 (T5) upon assignment.

• Medical, Dental, and Vision Plans (PPO & HSA options available)
• Flexible Spending Accounts (Health Care & Dependent Care FSA)
• Health Savings Account (HSA)
• 401(k) with matching contributions
• Roth
• Qualified Transportation Expense with matching contributions
• Short Term Disability
• Long Term Disability
• Life and Accidental Death & Dismemberment
• Basic & Voluntary Life Insurance
• Wellness Program
• PTO
• 11 Holidays
• Professional Development Reimbursement