Security Penetration Tester
@ General Dynamics Information Technology

Hybrid
$115,000
Full Time
Posted 14 hours ago

Job Details

Overview

GDIT is seeking a Security Penetration Tester to join our Federal Services System Support and Oversight (FSSSO) team. In this role, you will conduct security assessments using Burp Suite and OWASP ZAP, perform authenticated dynamic scans, and use Snyk for static application security testing. This remote opportunity supports the Centers for Medicare & Medicaid Services (CMS) activities.

Key Responsibilities

  • Conduct security assessments including vulnerability scanning and penetration testing.
  • Analyze web applications for vulnerabilities like XSS, SQL injection, CSRF, etc.
  • Create detailed reports including severity ratings and risk analysis.
  • Collaborate with developers and IT teams to remediate vulnerabilities.
  • Stay updated with security trends, tools, and vulnerability management.
  • Participate in security incident response and investigations as needed.

Required Skills & Qualifications

  • Bachelor’s degree with 3+ years of experience in security assessments.
  • Strong hands-on experience with Burp Suite and knowledge of OWASP Top 10.
  • Proficiency in web technologies: HTML, JavaScript, CSS, HTTP protocols.
  • Experience with other security tools like Nmap, Nessus, and Wireshark is a plus.
  • Familiarity with automated testing tools including Snyk and OWASP ZAP.
  • At least one active certification like OSCP or CEH preferred.
  • Experience with Agile methodologies and working in DevSecOps environments.
  • MUST be eligible to obtain Federal Public Trust clearance; must have lived in the US for 3/5 years.

Preferred Qualifications

  • Understanding of advanced web attack techniques and exploitation methods.
  • Experience with Salesforce and scripting languages such as Python, Bash, or JavaScript.
  • Familiarity with cloud security, containers, microservices and healthcare industry standards.

Total Rewards & Benefits

GDIT offers competitive salary packages, flexible work arrangements, comprehensive health benefits, 401K with company match, paid time off and various other employee benefits.

Key skills/competency

  • Penetration Testing
  • Burp Suite
  • OWASP ZAP
  • Vulnerability Scanning
  • Snyk
  • Web Application Security
  • Risk Analysis
  • Agile
  • DevSecOps
  • Security Compliance

How to Get Hired at General Dynamics Information Technology

🎯 Tips for Getting Hired

  • Customize your resume: Highlight relevant penetration testing skills.
  • Emphasize certifications: Include OSCP, CEH, or similar.
  • Showcase experience: Detail vulnerability scanning and risk analysis.
  • Prepare for technical screening: Refresh on Burp Suite and OWASP ZAP.

📝 Interview Preparation Advice

Technical Preparation

  • Review Burp Suite functionalities and advanced settings.
  • Practice penetration testing on demo web apps.
  • Brush up on OWASP Top 10 vulnerabilities.
  • Familiarize yourself with Snyk and similar static testing tools.

Behavioral Questions

  • Describe handling of security incidents.
  • Explain team collaboration under pressure.
  • Outline past experience with vulnerability remediation.
  • Discuss approach to continuous learning in cybersecurity.
