Decision Point Security, Inc Penetration Tester Eglin AFB, FL · Full time Company website

Apply for Penetration Tester

Decision Point team has over 150 years combined experience delivering solutions based on sound research principals and critical thinking. Members of the team have been trusted with hardening and assessment of some of our nation’s critical defense infrastructure and weapon systems. We understand that achieving and maintaining adequate security requires thorough understanding of people, processes, and systems. Challenges associated with each of these areas are dynamic and can be costly. Let our team work with you to deliver practical, cost effective solutions.

Responsibilities May Include:

Planning and executing penetration tests on a variety of systems and applications. Employing both manual and automated testing techniques. Simulating real-world attack scenarios to identify potential vulnerabilities. Documenting findings and providing detailed reports and recommendations for remediation.

Collaborating with system owners and developers to address identified vulnerabilities. Staying abreast of emerging threats, vulnerabilities, and security best practices.

Qualifications:

Education: Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience).

• U.S. Citizenship
• Clearance

 

Experience: Senior level tester experience

Certifications:

• OSCP (Offensive Security Certified Professional) - or equivalent
• CEH (Certified Ethical Hacker) - optional
• GPEN (GIAC Penetration Tester) - optional
• CISSP (Certified Information Systems Security Professional) - optional

Knowledge/Skills:

• Strong understanding of network protocols, operating systems, and web application technologies.
• Proficiency in penetration testing tools and techniques (e.g., Metasploit, Burp Suite, Nmap).
• Experience with scripting languages (e.g., Python, Bash, PowerShell).
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.

Technical Skills:

• Networking:
• Deep understanding of TCP/IP and common networking protocols (HTTP, DNS, etc.)
• Experience with network mapping and reconnaissance tools (Nmap, Zenmap, etc.)
• Ability to analyze network traffic using tools like Wireshark or tcpdump.

• Operating Systems:
• Familiarity with various operating systems (Windows, Linux, macOS) and their security features.
• Understanding of command-line interfaces and scripting for automation.

• Web Application Security:
• Knowledge of web application vulnerabilities (OWASP Top 10) and attack vectors.
• Proficiency in using web application security testing tools (Burp Suite, OWASP ZAP, etc.).
• Understanding of web application firewalls (WAFs) and how to bypass them.

• Penetration Testing Methodologies:
• Familiarity with different penetration testing methodologies (black box, white box, gray box).
• Ability to plan, execute, and document penetration testing engagements.

• Exploitation & Post-Exploitation:
• Knowledge of common vulnerabilities and exploits (CVEs).
• Experience with exploiting vulnerabilities to gain access to systems.
• Understanding of post-exploitation techniques, such as privilege escalation and data exfiltration.

• Security Tools & Technologies:
• Proficiency in using a wide range of security tools, including vulnerability scanners (Nessus, OpenVAS), exploitation frameworks (Metasploit), and security information and event management (SIEM) systems.

• Non-Technical Skills:
• Problem-Solving: Ability to think critically, analyze complex systems, and identify vulnerabilities.
• Communication: Strong written and verbal communication skills to effectively report findings and recommendations to both technical and non-technical audiences.
• Adaptability: Ability to learn new technologies and adapt to changing environments and attack vectors.
• Ethics and Professionalism: Strong ethical compass and commitment to responsible disclosure practices.

• Travel:
• Work location is at Eglin AFB with up to 25% travel.