Penetration Tester

Applied Network Solutions Inc. - San Antonio, TX

Full-time
Description:
Applied Network Solutions, Inc. (ANS) is a technology company with extensive experience solving difficult problems or issues within the network and cyber domains. Here at ANS, you will have access to a variety of technology experts in today’s innovative technologies with opportunities to enhance your skills in our on-site Technology Innovation Center. Members of our team design and develop the next generation of enterprise networks creating solutions that protect our National assets, critical systems and our way of life. We are looking for thinkers, people that want to be all they can be, dedicating themselves to the mission, while striving to create innovative solutions and real outcomes that will always exceed our customers and clients expectations. If you think you have what it takes, then let’s talk!

ANS is seeking a Penetration Tester in San Antonio, TX. This person will be responsible for conducting a holistic evaluation of a system or application; analyzing, evaluating and identifying vulnerabilities and zero days and developing exploits to take advantage of these identified security flaws.

Responsibilities

  • Conducting penetration testing, reverse engineering and development of code/scripts to leverage attack vectors; conduct vulnerability and compliance assessments on Windows and UNIX/Linux hosts; identifying vulnerabilities, analyzing results, manually verifying findings to eliminate false positives or negatives, and capturing artifacts to provide evidence of exploitable vulnerability.
  • Work extensively from the UNIX/Linux command line.
  • Execute network mapping to identify live hosts and active ports, protocols services (PPS) and analyze the results of NMAP data to identify risky PPS.
  • Conduct vulnerability and compliance assessments on AF/DoD systems for Cyber Vulnerability Assessments (CVA); upon demonstrated ability and customer acceptance, conduct penetration test activities; familiarity with Wireshark/TCP Dump and common network vulnerability and compliance scanners such as Nessus, Nexpose, SCAP Compliance Checker, etc.
  • Adequately explain, present, demonstrate [when applicable] and document the operational impact of a particular vulnerability.
  • Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments.
  • Exhibit good writing and communications skills, to include the ability to render concise reports, summaries and formal oral presentations.
Requirements:
  • Active TS/SCI required.
  • Bachelor’s degree in Engineering, Applied Science or similar technical discipline OR an equivalent combination of education, training, and experience.
  • IAT Level III (CISSP, CASP, GCIH).
  • Obtain a penetration test certification (i.e., GPEN, GXPN, GWAPT) within 6 months.
  • 5 years hands-on experience with penetration testing and/or reverse engineering.
  • Understand and be proficient in common cyber threat terminology, methodologies, possess an understanding of cyber incident and response, and related current events.
  • Experience Analyzing, disassembling, and reverse engineer code/executables to discern weaknesses for exploitation; document and transition results in reports, presentations, and technical exchanges.
  • Experience with Metasploit Framework, Burp Suite, or similar architectures/ applications.
  • Experience in working with and in a network systems security environment with a focus on security and information assurance.
  • Strong knowledge of Windows® Internals, Windows® Application Programming Interfaces (API), Portable Executable (PE) formats, Windows® Registry, and security models.
  • Experience with Bash and Power Shell.
  • Experience in one of the following scripting languages: Perl, Python or Ruby is required. Strong knowledge of the following programming languages: Assembly, Java, C#, C, C++, and SQL.
  • Work experience with developing proof-of-concept exploit examples to use within reports or live demonstrations.
ANS offers excellent compensation along with a generous benefits package to include PTO, paid holidays, health-dental-vision-life insurance, 401K, a professional development program that exceeds industry standards and more! We focus on supporting our employees, by creating opportunities to expand your skills, and you will be able to take advantage of our tuition assistance and certification trainings. We highly encourage peer-to-peer recognition, and helping you develop the career you want.

Applied Network Solutions, Inc. is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.