Penetration Tester w/ TS/SCI Job Listing at Tetra Tech EGlobal in Washington, DC (Job ID 4045)

Description

About the Role

EGlobalTech, a Tetra Tech Company, is looking for a Penetration Tester and SME to join our Cyber Solutions Practice in Arlington, VA and provide on-site support a federal customer located in Washington, DC. Qualified candidates should have experience in software assurance, penetration testing with a range of automated tools, security patch management, secure cloud, and hybrid engineering and possess an active Top Secret w/ SCI clearance. This role offers excellent compensation, career growth potential, and a total rewards package that includes PTO, paid holidays and corporate events, continuing education reimbursements, 401K, an Employee Stock Purchase Plan (ESPP) through Tetra Tech, and more!  

• Perform penetration testing, software assurance, and vulnerability assessment in support of Federal customer, on site in Washington, DC.
• Interpret penetration testing results to identify and recommend corrective actions and/or mitigation strategies.
• Produce and deliver reports on individual and enterprise software assurance efforts, working with service providers and individual programs/systems. Deliverable: Software Assurance Reports. 
• Identify and address security implications during software acceptance activities, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing. Perform security test assessments in support of Federal customer and system-specific software assurance efforts, working with service providers and individual programs.
• Collaborate with DevSecOps team participants from other organizations to integrate information assurance and cybersecurity needs and practices on a continuous basis throughout Agile development activities including, but not limited to: requirements, design, implementation, testing, and delivery of new IT solutions, applications, services, and systems, or updating and enhancing existing ones. 
• Perform and document vulnerability assessments of Government-identified systems (Deliverable: Vulnerability Assessment Reports). 
• Update and maintain software assurance SOPs in accordance with IC and DHS policy (Deliverable: Software Assurance Standard Operating Procedures).
• Annually review and update, as needed, all security configurations within automated DevSecOps tools and manual processes to ensure compliance with IC policy. Upon government approval, implement changes to processes and technologies for penetration testing, software assurance, and vulnerability assessment activities, and report metrics in Monthly Status Reports.

• Must have at least 7+ years of total cyber security and or information technology professional experience.
• Must have at least 5+ years of recent experience in the following technical areas: software assurance, penetration testing with a range of automated tools, security patch management, secure cloud, and hybrid engineering, and CDS, Web
• Cyber security certifications as a Certified Ethical Hacker (CEH) and CISSP, CASP, or comparable demonstrable experience are preferred but not required. 
• Must be proficient in the use of Nessus Security Center, Security Content Automation Protocol (SCAP), Web Application Scanning, Penetration Testing, Webinspect, Fortify, and similar tools. Must have recent Software Assurance experience.  SonarCube experience is preferred.   
• Linux and Cisco Routing and Switching experience. 
• Active Top Secret clearance required 
• This position requires a badge and or clearance the requires an extensive background, credit, and drug screening check. 

• Bachelor's Degree or Master's Degree in a technology discipline from an accredited university.