Senior ISSE/Penetration Tester
Maryland, United States of America
Full Time
11 hours ago
$180,000 - $210,000 USD
No Visa Sponsorship
Key skills
Distributed SystemsAgileRisk ManagementCommunicationRemote WorkPenetration Testing
About this role
Role Overview
- Plan, lead, and execute internal and external penetration testing on enterprise systems, networks, and web applications.
- Conduct security verification testing, vulnerability assessments, and risk analyses throughout the system lifecycle.
- Analyze system implementations against applicable security policies, frameworks, and compliance requirements, recommending and implementing improvements.
- Design and assess information security architectures for large-scale, distributed systems.
- Identify, assess, and mitigate security threats and vulnerabilities using industry-standard tools and methodologies.
- Collaborate with systems engineering, test, integration, and development teams to ensure security requirements are built into system designs.
- Serve as a subject matter expert for security architecture, providing guidance to program managers, customer technical representatives, and internal teams.
- Evaluate the impact of new development and system changes on the operational security posture.
- Support risk management, security control assessments, continuous monitoring, and related information assurance activities.
- Contribute to Agile ceremonies, including Program Increment Planning.
- Mentor team members by sharing knowledge of vulnerabilities, attack vectors, and remediation strategies.
Requirements
- At least 10 years of relevant experience performing both ISSE and penetration testing functions.
- Extensive hands-on experience with penetration testing and vulnerability assessment tools, such as Nessus, Nmap, and Wireshark.
- Demonstrated knowledge of security architecture principles, including defense-in-depth, access control, authentication, authorization, PKI, and encryption.
- Experience applying the Risk Management Framework (RMF).
- Experience developing, assessing, and implementing IT security policies and secure system configurations.
- Experience performing risk assessments, security audits, and vulnerability remediation.
- Strong ability to manage multiple tasks and systems simultaneously in complex environments.
- Excellent written and verbal communication skills, with the ability to clearly articulate technical findings and trade-offs.
- Ability to work both independently and collaboratively in a fast-paced environment.
Tech Stack
- Distributed Systems
Benefits
- Health Insurance: Comprehensive medical, dental, and vision plans.
- Retirement Plan: 401(k) with company match.
- Paid Time Off: Generous PTO policy including vacation, sick leave, and holidays.
- Professional Development: Opportunities for training, certifications, and career advancement.
- Work-Life Balance: Flexible work schedules and remote work options.
- Wellness Programs: Employee assistance programs, wellness initiatives, and gym membership discounts.