Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you ll help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a motivated, career and customer oriented Security Test Engineer / Penetration Test Engineer to join our team in the Washington, DC area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech. The selected individual will wok on the FBI Security Assessment Team (SAT) and appropriately contribute to the daily workload of a highly-skilled and diverse group of security assessment testers. Responsibilities include, but are not limited to:
•Ensure that a comprehensive vulnerability assessment and validation of the effectiveness of security controls identified in the IS security control matrix is performed •Assist with security projects undertaken by the security assessment team which vary widely in complexity and duration but typically require two weeks planning, two weeks on site and two weeks to analyze information and report findings, though months-long assessments have occurred on occasion •Perform IS penetration testing as directed •Ensure that SOPs are updated and followed accordingly •Ensure that the SAT Lab is configured and maintained, to include hardware (server and laptop) and software inventories, server and VMWAre configuration management, patching and etc •Support all IA SAA activities throughout the SAA process and ensure that all documentation is developed and maintained •Perform compliance assessments and test new systems •Develop Plan of Actions and Mitigations as needed •Implement and maintain an effective security program •Ensure that all FISMA requirements are documented and submitted on schedule •Initiate, with approval from the FBI PM or Team Lead, any corrective measures when vulnerabilities are discovered
•Bachelors degree and three or more years of experience •Must possess excellent oral and written communication and time-management skills •Thorough technical proficiency with common commercial and or open source vulnerability assessment tools and techniques used for evaluating operating systems, networking devise, databases and web applications •Broad knowledge of security best practices, security solutions, and methodologies for conducting advance security assessments, to include manual assessments and malicious user testing •Strong understanding of NIST Special Publications 800-37, 800-53 and 800-118 •Intermediate to advanced understanding of networking protocols and operating systems Understanding of OWASP Top 10 •Ability to manually assess the security posture of system or application •Familiarity with the use of operation of security tools such as NMAP, Masscan, Unicornscan, Tenable Nessus/Security Center, Nexpoose, BurpSuite, ZAP, Nikto, Dirburster, SQlMap, HP Webinspect, APP Scan, AppDetective, IBM Gardium