Penetration Tester with Security Clearance

Primary Responsibilities

• Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.

• Perform web app pentests

• Perform vulnerability risk assessment

• Perform physical pentests and social engineering

• Perform cyber incident response as needed for programs Basic Qualifications
Bachelors' degree from an accredited college in a related discipline, or equivalent experience/combined education, with 3 to 6 years of professional experience; or 1 to 3 years of professional experience with a Masters' degree. Must have a Secret Clearance. In addition to specific security clearance requirements all Department of Homeland Security CBP SOC employees are required to have or be able to favorably pass a 5 year (BI) Background Investigation. 3 years in Pen Testing and Vulnerability Assessment, with specific emphasis on web application and enterprise network environments.
5 years of professional experience in incident detection and response, malware analysis, or cyber forensics. Experience with the majority of the tools listed below:

• Kali Linux

• Metaspoilt

• Burp suite pro

• Cobalt Strike / Empire

• Tenable Nessus

• Debuggers such as Immunity

• Bloodhound

• BladeRF / HakRF

• Hak5 equipment

• Wireshark / tcpdump Specific experience in at least 1 of the following specialties:

• Mobile application testing

• Cloud infrastructure testing

• RF Testing

• Mainframe systems Requirement Certifications (Must have of the following)
CEH - Certified Ethical Hacker
CISSP - Certified Information Systems Security
GAWN - Auditing Wireless Networks
GISF - Security Fundamentals
GPEN - Penetration
GSNA - System and Network Auditor
GWAPT - Web Application Penetration Tester
GWEB - Web Application Defender
GXPN - Exploit Researcher and Advanced Penetration Tester
OSCE (Certified Expert)
OSCP (Certified Professional)
OSEE (Exploitation Expert)
OSWP (Wireless Professional)
CompTIA Cyber Security Analyst (CySA+)
CompTIA PenTest+
Splunk Core Certified Advanced Power User
Splunk Core Certified Consultant
Splunk SOAR Certified Automation Developer
eLearnSecurity Certified Professional Penetration Tester (eCPPT)