Jefferson Wells is looking for Application Penetration Testers.
This position involves performing security vulnerability assessment and penetration testing services for various client environments, including conventional and cloud infrastructures. Engagements may involve a single or mixture of environments, including network, system, wireless, or mobile and applications that are web-based, server-based mobile or Cloud-based.  Additionally, engagements may involve various types of social engineering such as physical, phishing, vishing, etc.
The successful candidate will be able to work effectively in both individual or team environments, and must be a self-starter, who is able to contribute to the overall success of the client delivery team.

Typical Duties:

• Conduct formal vulnerability assessments and penetration tests of networks, systems, web-based applications, and other types of information systems on a regular basis.
• Execute assigned vulnerability assessments and penetration tests independently and complete directives in a thorough and timely fashion
• Perform testing using defined methodologies and a combination of automated and manual tools
• Demonstrate critical thinking and creative analysis techniques in executing tests and distilling test results, eliminating false positives and providing actionable recommendations for mitigation
• Create and deliver reports that effectively capture, explain and communicate the results of assessments and tests to varying technical and business audiences
• Perform tests as an individual or as part of a testing team

Basic Qualifications:

• 5+ years’ recent demonstrable experience in positions with primary responsibilities that include vulnerability assessment and penetration testing of a variety of target environments (e.g., pen tester, red team tester, vulnerability assessor)
• 5+ years’ experience with vulnerability assessment and penetration testing tools (e.g., Nessus, Nexpose, Metasploit, nmap, BurpSuite, Kismet, Nipper, Wireshark and Kail)
• 5+ years’ experience with independently analyzing testing results and writing assessment and test reports
• 2+ years’ recent demonstrable experience executing vulnerability assessments and penetration tests against public, private and hybrid cloud environment
• 3+ years’ experience with configuring, administering, and troubleshooting networks and application platforms
• 2+ years’ recent experience in technical a consulting project delivery role
• Excellent time management, written documentation and oral presentation skills

Additional Desired Qualifications:

• Knowledge of TCP/IP protocols and networking architectures
• Knowledge of databases, applications, and web server design and implementation.
• Knowledge of security and IT standards, such as ISO, NIST, OWASP, ITIL and COBIT
• Knowledge of the National Vulnerability Database (NVDB)
• Knowledge of security configuration and testing of common infrastructure, networks, systems and applications platforms
• Experience assessing and testing network devices, including Firewalls, Router and Switches
• Goal-oriented penetration testing experience as a member of an attack team is a plus.
• Security or testing certification (e.g., CEH, CISSP, CISM) is a plus