Security/Penetration Tester

CVP is an award-winning healthcare and next-gen technology consulting firm recognized for excellence and innovation in the solutions we have provided our clients across healthcare, national security, and the public sector.

We are seeking a Penetration Tester to join our team of experts tasked with securing the critical networks and systems our clients depend on.

• Analyze security policies that identify procedures and rules for accessing and using IT resources for effectiveness, make suggestions on security policy improvements, and work to enhance methodology material.
• Apply programming language structures (e.g., source code review) and logic.
• Conduct and/or support authorized penetration testing on enterprise network assets.
• Conduct application vulnerability assessments.
• Conduct vulnerability scans and recognize vulnerabilities in security systems.
• Conduct analysis of log files, evidence, and other information to determine best methods for conducting vulnerability assessments and penetration tests
• Design tests and tools to try to break into security-protected applications and networks to probe for vulnerabilities.
• Develop insights about the context of an organization’s threat environment
• Follow industry best practices and methodologies, including the Open Web Application Security Project (OWASP) Testing Guide, to perform penetration testing services to uncover vulnerabilities across various systems and applications across the network.
• Identify systemic security issues based on the analysis of vulnerability and configuration data.
• Maintain knowledge of the latest methods for ethical hacking and testing and always evaluating new penetration testing tools.
• Mimic threat behaviors.
• Perform impact/risk assessments.
• Document findings, write security reports, discuss solutions with IT teams and management, and provide feedback and verification after security fixes are issued.
• Research new threats, attack vectors, and risk
• Review logs to identify evidence of past intrusions.
• Share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
• Test system and applications using a manual in-depth testing methodologies and tools (e.g. Burp Suite Pro, ZAP Proxy, IronWASP, etc...)
• Test systems and applications using automated tools and manual methods (e.g. CoreImpact, Kali Linux, Nessus, NMap, etc...)
• Maintain appropriate technical and procedural documentation
• Build and maintain client and stakeholder relationships
• Complete projects, tasks, and associated deliverables on time and with quality.

• 4-year college degree in Computer Science or related field and 0 - 2 years’ experience or 5 years’ experience in lieu of a college degree.
• Excellent communication skills, both written and oral.
• Ability to learn and work independently

Desired Skills

• Certified Ethical Hacker
• System Admin experience
• Understanding of DevSecOps process and tools
• ISSO experience

About CVP

CVP is an award-winning healthcare and next-gen technology and consulting services firm solving critical problems for healthcare, national security, and public sector clients. We help organizations achieve lasting transformation.

CVP is an Equal Opportunity Employer dedicated to actively recruiting individuals and providing advancement opportunities based on merit and legitimate job qualifications. We ensure that all associates receive equal opportunities based on their personal qualifications and job requirements. CVP strictly prohibits any form of discrimination or harassment.

At CVP, we cultivate a work environment that encourages fairness, teamwork, and respect among all associated. We are committed to maintaining a workplace where everyone can grow both personally and professionally.