Penetration Tester 10

Essential Qualifications/Experience:

·       Extensive knowledge and experience (more than 3 years) in the following areas:

ü  Web application penetration testing

ü  IT infrastructure penetration testing

ü  Network security architecture design

ü  Assessing security vulnerabilities within OS, software, protocols & networks

ü  Researching and evaluating security products & technologies

ü  Knowledge in system and network administration of UNIX and Windows systems

ü  Use of penetration testing tools, techniques, and recognized testing methodologies

ü  Scripting skills in at least one of the following: Perl, Python, Ruby, shell (bash, ksh, csh)

ü  Technical knowledge in system and network security, authentication and security protocols, cryptography, application security, as well as, malware infection techniques and protection technologies

ü  Ability to evaluate risks and formulate mitigation plans

ü  Proven ability to write clear and structured technical reports including executive summary, technical findings and remediation plan for several different audiences

DUTIES/ROLE:

·       Lead and/or be part of the Red/Blue Team during NATO military exercises

·       Provide Web, infrastructure and application level penetration testing

·       Provide security design reviews to ensure compliance with NATO policies and directives

·       Provide security consultancy and advice to projects, plans, and other entities

·       Build and sustain effective communications with different stakeholders; specifically, the NCIA Configuration Control Board, Security Accreditation Boards, NATO Security Accreditation Authorities, and NCI Agency organization units supporting accreditation processes

·       Brief at both executive and technical levels on security reports and testing outcome, including at flag officer level

·       In co-ordination with the Head of the Penetration testing Cell, ensure proactive collaboration and coordination with internal and external stakeholders