Vulnerability Assessment Analyst and Penetration Tester

Vulnerability Assessment Analyst and Penetration Tester Lumbee Holdings, Inc Camp Pendleton, CA Job Details Full-time $90,000 - $130,000 a year 6 hours ago Qualifications Test scanning software Tooling Windows Security system vulnerability testing Windows Server administration Web Application Security Testing Linux administration Vuls Full Job Description Position Title Vulnerability Assessment Analyst and Penetration Tester Position Classification Exempt Position Type This position is full-time and is scheduled to work standard business hours from 8:00 a.m. to 5:00 p.m. Overtime is not expected for this role. Work Location Camp Pendleton, CA Position Description The Vulnerability Assessment Analyst and Penetration Tester is responsible for the delivery of continuous cyber assessments, solving complex technology problems, building tools, and identifying and influencing response to and mitigation of threats. Perform manual assessment of systems, services, and software; specializing in security issues beyond those identified by static analysis tools. The individual ensures services, applications, and websites are designed and implemented to the highest security standards. Responsible for application and hardware penetration testing, automating repetitive tasks using various scripting languages, mentoring, and leading other engineers to deliver complex penetration tests and vulnerability assessments. The individual will be expected to drive automation, tooling, efficiency, and advance the team's penetration testing capabilities. Responsible for creating threat mitigation plans, and other duties as assigned by Program Manager.

Minimum Position Requirements:

Five years of hands-on penetration testing experience with operating systems, web applications, and network infrastructure. Administrator-level knowledge of Windows and Linux Server operating systems. Experience with operating system security. Competent with testing frameworks and tools, such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire. Knowledge of the functionality and capabilities of computer network defense technologies, including router Access Control Lists (ACLs), firewalls, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), antivirus/Endpoint Detection and Response (EDR), and web content filtering. Strong written and verbal communication skills, including the ability to explain complex technical topics to non-technical audiences. Possess one of the following certifications upon onboarding: Offensive Security Certified Professional (OSCP) Offensive Security Web Assessor (OSWA) GIAC Web Application Penetration Tester (GWAPT) GIAC Penetration Tester (GPEN) GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) Offsec Experienced Penetration Tester (OSEP) Offsec Web Expert (OSWE) Obtain one of the following certifications at employees' expense within 9 months of onboarding if not already obtain at onboarding: GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) Offsec Experienced Penetration Tester (OSEP) Offsec Web Expert (OSWE) Physical Requirements for the role This position is primarily sedentary and requires the ability to work at a computer for extended periods, including viewing monitors, using keyboards, and operating standard office equipment. The role may require occasional standing, walking, and minimal lifting (up to 10 pounds). Reports To Assigned Program Manager Supervisory responsibilities None Work Environment The work environment for this position is primarily a professional office or remote setting with standard business conditions. The role involves regular use of computers and related technology in a low-noise environment and frequent collaboration with technical and non-technical team members. Work is generally performed during normal business hours with minimal physical risk, and the environment supports adherence to established cybersecurity, safety, and organizational policies. Security Clearance Requirements Secret Travel Requirements Travel is anticipated to be up to 10% - 15% within the Continental United States and 5%-10% outside the Continental United States Compensation Commensurate with experience and qualifications. Lumbee Holdings is an Equal Opportunity Employer. We do not discriminate in employment based on race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, protected veteran status, or any other status protected by applicable federal, state, or local law.

Note:

This summary is not intended to be a complete description of all benefits. Employees will receive detailed information about benefit plan terms, conditions, and eligibility during onboarding. These statements are intended to describe the general nature and level of work involved for this job. It is not an exhaustive list of all responsibilities, duties, and skills required of this job.