Job Details

Overview

The Commonwealth Office of Technology (COT) is seeking a talented penetration tester to join the COT penetration testing team. The candidate will perform a variety of engagements, including network penetration tests, red/purple teaming, wireless assessments, web-application penetration tests, and more. Candidates must have experience in penetration testing/red-teaming and performing vulnerability assessments manually. Strong verbal and written communication skills are required. The role involves executing full-cycle engagements independently and as part of a team using industry-standard tradecraft. Experience with multiple operating systems (e.g., Windows, Linux), networking concepts, and basic scripting is required.

Requirements

• Experience in penetration testing and red-teaming.
• Ability to perform manual vulnerability assessments.
• Excellent verbal and written communication skills.
• Experience with multiple operating systems, networking concepts, and basic scripting.

Experience

• Experience executing full-cycle penetration testing engagements independently and in a team environment.
• Experience providing high-level technical expertise and leadership in security solution development and delivery.
• Experience in research and development for emerging technologies and ensuring effective integration of technologies.
• Experience identifying and managing risks and issues related to securing applications or selecting COTS solutions.

Responsibilities

• Perform network, web-application, wireless, and red/purple team penetration testing engagements.
• Collaborate with project managers, developers, and management to identify threats and vulnerabilities in applications and business processes.
• Provide technical guidance and direction to other teams.
• Conduct research and development activities related to emerging technologies.
• Identify and manage security risks and issues associated with applications and technology solutions.
• Participate in Capture the Flag (CTF) exercises to demonstrate skills and experience.

Should Have

• Strong analytical and problem-solving skills.
• Ability to work effectively both independently and as part of a team.
• Attention to detail and strong organizational skills.

Skills

• Penetration testing and red-teaming skills.
• Vulnerability assessment skills.
• Knowledge of operating systems, networking concepts, and scripting.
• Security solution development and risk management skills.

Qualification And Education

• Bachelors degree in a related field (preferred).
• Security certifications such as OSEP, OSCE, OSCP, or OSWE (preferred).