Organization: Accenture Federal Services
Location: Washington, DC
Accenture Federal Services, providing a tailored strategy to address the many cybersecurity challenges faced by customers in today’s ever-changing business and industry landscape. Our team delivers a wholistic approach to cybersecurity assessment, monitoring, investigation, and response. Whether we’re defending against identified threat actors, detecting and responding to the unknown, or running an entire security operations center, we build cyber resilience so our clients can grow with confidence in their security.
A Penetration Tester provides clients with thorough assessments that emulate real world attacks to ensure environments are secure. You go beyond vulnerability identification and provide clients with Security Control feedback and provide recommendations on how to best secure an environment.
The Security Specialist will follow industry best practices and methodologies, including the Open Web Application Security Project (OWASP) Testing Guide, to perform penetration testing services to uncover vulnerabilities across various web applications
Perform network penetration testing, using tools such as nmap, Metasploit Pro, Cobalt Strike. Test web services using automated web application scanning methodologies and tools (e.g. IBM AppScan, HP WebInspect, Acunetix WVS, etc...)
Test web services using a manual in-depth testing methodologies and tools (e.g. Burp Suite Pro, ZAP Proxy, IronWASP, etc...)
Summarize and document results of testing for management reporting including proper disposition of test exceptions.
Research new threats, attack vectors, and risk.
Report on security vulnerabilities via formal reports and weekly status updates.
Verify the security findings from other members of the penetration testing team.
Here's what you need:
- Bachelor’s Degree
- 7 years' experience
- Must be a US Citizen
Bonus points if you have:
- Industry certifications relating to IT security and program management preferred (GIAC, GPEN, OSCP, CEH)
- Experience with web application penetration testing tools preferred, such as Burp Suite Pro, IBM AppScan, HP WebInspect, etc...
- Experience with network penetration testing tools
- Ability to work independently and also collaborating closely with application developers, engineers and others.
- Must be self-motivated and results oriented.
- Effective written, oral communication skills, and interpersonal communication skills.
- Strong communications skills to be able to interact with technical and non-technical colleagues.
- Knowledge of the latest security threats, techniques and exploits targeting vulnerabilities
- Network and web application penetration testing
- Vulnerability assessments followed by providing best security practice recommendations and countermeasures
- Strong familiarity with multiple operating systems, databases, applications and platforms.
- Understanding of SQL, XSS, CSRF, XXE, and other trends in web exploitation
- Working understanding of HTML and common web applications
- Thorough understanding of computer networking and the OSI model
- Cyber-threat research, reporting and development/implementation of vulnerability mitigation strategies
- Experience with network, web, and information security
- Self-starter with ability work with little supervision
- Programming experience is a plus!
- Calculate and assess risk based on threats, vulnerabilities, and mitigating factors.
- Expert knowledge in computer and network security.
- Expert level knowledge in penetration testing methodology.
- Knowledge of exploit development.
- Knowledge of common IT technologies (OS, databases, network devices, applications)
- Familiarity in one or more of the following areas: application security, Linux/Windows system security, mobile device security, cloud technologies (IaaS, SaaS environments, etc.), and web technologies.
- Demonstrated knowledge and experience evaluating IT process areas, such as logical and physical access, program development, change management, IT operations etc.
- Strong project management skills and ability to multi-task.
- Detail oriented and analytical.
An active security clearance or the ability to obtain one may be required for this role.
Candidates who are currently employed by a client of Accenture or an affiliated Accenture business may not be eligible for consideration.
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States and with Accenture (i.e., H1-B visa, F-1 visa (OPT), TN visa or any other non-immigrant status).
Accenture is a Federal Contractor and an EEO and Affirmative Action Employer of Females/Minorities/Veterans/Individuals with Disabilities.
Equal Employment Opportunity
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Accenture is committed to providing veteran employment opportunities to our service men and women.
LocationsDC,DC - Washington
Life at Accenture
Work where you're inspired to explore your passions and where your talents are nurtured and cultivated. Innovate with leading-edge technologies on some of the coolest projects you can imagine.
Learn more about Accenture
Our more than 500,000 people in more than 120 countries, combine unmatched experience and specialized skills across more than 40 industries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities.