Booz Allen Hamilton INC. Web and Mobile Application Penetration Tester in Albany, New York
Job Number: R0113413
Web and Mobile Application Penetration Tester
Work with a wide variety of clients to validate security controls around web resources and mobile applications and their backend web services.Work with a team of seasoned security testing professionals to enhance existing services offerings and security testing capabilities and conduct hands on technical testing focused on identification of OWASP type vulnerabilities in both web application and mobile applications.Conduct full exploitation and leveraging of access within multiple environments, including Windows and Nix environment. Develop comprehensive and accurate reports and presentations for both technical and executive audiences. Communicate findings and strategy effectively to client stakeholders, including technical staff, executive leadership, and legal counsel. Act as the primary interface and lead for web and mobile application security testing ranging from 1-3 additional testers and manage the delivery of staff assignments, as needed. Become part of a team of security enthusiasts that perform cutting-edge research and promote an environment of innovation and knowledge-sharing. This position is open to remote delivery from any location in the U.S., to include the District of Columbia.
Experience with using, administering, and troubleshooting different Linux versions
Experience with working in a Windows environments
Experience with scripting and editing existing code and programming, including Perl, Python, Ruby, Bash, C/C++, C\#, or Java
Experience with Burp Suite Pro, incluing identification and usage of relevant plugins
Experience with security assessment tools, including Nessus, Accunetix, Metasploit, or Cobalt Strike
Experience with conducting reverse engineering on mobile applications, including applications with anti-emulator and obfuscation protections
Knowledge of application, database, and Web server design and implementation
Knowledge of network vulnerability assessments, Web application security testing, network penetration testing, or red teaming
BA or BS degree
Experience with working in a commercial consulting or professional services environment
Experience with phishing and other social engineering tactics
Experience with using Ubuntu preferred
Experience with assembly languages, including x86 or reverse engineering
We're an EOE that empowers our people-no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic-to fearlessly drive change.
We are proud of our diverse environment. EOE,M/F/Disability/Vet.