Title: Penetration Tester
Location: McLean, VA
Clearance: Active TS/SCI w/ Polygraph needed to apply

Company Overview:

Cornerstone Defense is the Employer of Choice within the Intelligence, Defense, and Space communities of the U.S. Government. Realizing early on that our most prized assets are our employees, we continually focus our attention on improving the overall work/life experience they have supporting the mission. Our Team is pushed every day to use their industry leading knowledge to provide end-to-end solutions to combat our nation’s toughest and most secure problems. If you are looking for a place to not only be professionally challenged, but encouraged and supported by a company that cares, don’t look any further than Cornerstone Defense.

Benefits Overview: Cornerstone Defense offers a very comprehensive benefits package including, but not limited to:

1. Medical, Dental and Vision Plans
2. Generous PTO Policy
3. 401(k)
4. HSA and FSA options
5. Life and Disability Insurance
6. Tuition Reimbursement and Training
7. Perks at Work Discount Program
8. Referral Program
9. Leads Generation Program
10. CollegeAmerica 529
11. Fitness Reimbursement Program
12. Travel Assistance
13. Norton Lifelock Benefit Solutions
14. Life Planning Financial & Legal Services

Required Skills:

• Conduct internal penetration testing and vulnerability assessment of servers, web applications, web services, and databases
• Manually exploit and compromise operating systems, web applications, and databases
• Examine results of web/OS scanners, scans and static source code analysis
• Identify vulnerabilities, misconfigurations, and compliance issues
• Write final reports, defend all findings to include the risk or vulnerability, mitigation strategies, and references
• Ability to meet and coordinate with various audiences to include developers, system administrators, project managers, and senior government stakeholders
• Provide security recommendations for developers, system administrators, project managers, and senior government stakeholders
• Report vulnerabilities identified during security assessments
• Write penetration testing Rules of Engagements (RoE), Test Plans, and Standard Operating Procedures (SOP)
• Conduct security reviews, technical research, and provide reporting to increase security defense mechanisms
• Experience with NIST 800-53 and Risk Management Framework

Desired Skills:

• Certifications: CEH – Certified Ethical Hacker Certification, CPT – Certified Penetration Tester
• Strong writing skills
• Experience with AWS Cloud Security