Security Penetration Tester @ General Dynamics Information Technology
Hybrid
$115,000
Full Time
Posted 14 hours ago
Job Details
Overview
GDIT is seeking a Security Penetration Tester to join our Federal Services System Support and Oversight (FSSSO) team. In this role, you will conduct security assessments using Burp Suite and OWASP ZAP, perform authenticated dynamic scans, and use Snyk for static application security testing. This remote opportunity supports the Centers for Medicare & Medicaid Services (CMS) activities.
Key Responsibilities
- Conduct security assessments including vulnerability scanning and penetration testing.
- Analyze web applications for vulnerabilities like XSS, SQL injection, CSRF, etc.
- Create detailed reports including severity ratings and risk analysis.
- Collaborate with developers and IT teams to remediate vulnerabilities.
- Stay updated with security trends, tools, and vulnerability management.
- Participate in security incident response and investigations as needed.
Required Skills & Qualifications
- Bachelor’s degree with 3+ years of experience in security assessments.
- Strong hands-on experience with Burp Suite and knowledge of OWASP Top 10.
- Proficiency in web technologies: HTML, JavaScript, CSS, HTTP protocols.
- Experience with other security tools like Nmap, Nessus, and Wireshark is a plus.
- Familiarity with automated testing tools including Snyk and OWASP ZAP.
- At least one active certification like OSCP or CEH preferred.
- Experience with Agile methodologies and working in DevSecOps environments.
- MUST be eligible to obtain Federal Public Trust clearance; must have lived in the US for 3/5 years.
Preferred Qualifications
- Understanding of advanced web attack techniques and exploitation methods.
- Experience with Salesforce and scripting languages such as Python, Bash, or JavaScript.
- Familiarity with cloud security, containers, microservices and healthcare industry standards.
Total Rewards & Benefits
GDIT offers competitive salary packages, flexible work arrangements, comprehensive health benefits, 401K with company match, paid time off and various other employee benefits.
Key skills/competency
- Penetration Testing
- Burp Suite
- OWASP ZAP
- Vulnerability Scanning
- Snyk
- Web Application Security
- Risk Analysis
- Agile
- DevSecOps
- Security Compliance
How to Get Hired at General Dynamics Information Technology
🎯 Tips for Getting Hired
- Customize your resume: Highlight relevant penetration testing skills.
- Emphasize certifications: Include OSCP, CEH, or similar.
- Showcase experience: Detail vulnerability scanning and risk analysis.
- Prepare for technical screening: Refresh on Burp Suite and OWASP ZAP.
📝 Interview Preparation Advice
Technical Preparation
- Review Burp Suite functionalities and advanced settings.
- Practice penetration testing on demo web apps.
- Brush up on OWASP Top 10 vulnerabilities.
- Familiarize yourself with Snyk and similar static testing tools.
Behavioral Questions
- Describe handling of security incidents.
- Explain team collaboration under pressure.
- Outline past experience with vulnerability remediation.
- Discuss approach to continuous learning in cybersecurity.
Frequently Asked Questions
- What key skills are essential for the Security Penetration Tester role at General Dynamics Information Technology?
- What certifications are preferred for applying as a Security Penetration Tester at GDIT?
- Is the Security Penetration Tester role open to remote work at General Dynamics Information Technology?
- What experience level does GDIT require for the Penetration Tester position?
- How does the Security Penetration Tester at GDIT contribute to CMS activities?