Exploitation Analyst​/Penetration Tester

Exploitation Analyst / Penetration Tester

Location:

Remote

Terms:

Full-time

Clearance:
Public Trust

Harmonia Holdings Group, LLC is an award‑winning, rapidly growing federal government contractor committed to providing innovative, high‑performing solutions to our government clients and fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction.

As a Penetration Tester, you will play a crucial role in proactively discovering vulnerabilities in systems and on the Department of Veterans Affairs networks. Your primary focus is completing time‑based penetration tests to support the Authority to Operate (ATO) approval process for System Owners.

• Perform penetration testing against various systems, which may include web applications, databases, web services, network devices, operating systems, cloud installations, and infrastructure (hardware) devices.
• Utilize a variety of industry‑standard security tools to conduct manual‑based security assessments.
• Review new vulnerabilities as they are published and develop impact assessments.
• Determine risk from vulnerabilities based on availability of exploit and potential loss of information and IT services capabilities.
• Produce periodic trending and impact reports as required.
• Generate reports (automated and manual) based on results from assessments and explain in detail to customers.
• Develop new testing techniques and programs to support the Penetration Testing team.
• Manage and maintain hardware and software with an ability to provide infrastructure maintenance support to attack systems.
• Knowledge and experience with processes and procedures relating to information gathering, threat modeling, vulnerability analysis, exploitation, post‑exploitation, and reporting.
• May be required to work outside normal duty hours to perform assessments on certain systems.

• Bachelor's degree (or 8 years of additional relevant experience may be substituted for education)
• 1‑4 years of experience in IT functions such as network administration, engineering, or security
• 1 year of experience supporting offensive cybersecurity roles
• Experience with the following:
• Support Windows, Unix, and Linux operating systems
• VMware
• Kali Linux Suite
• Nessus Scanner (Tenable)
• Red Hat Enterprise Linux
• Nmap
• Ability to conduct scripting in Bash and Power Shell
• Preferred
  
  Certifications:
• OSCP
• PNPT
• Pentest+
• CISSP
• CEH

Harmonia is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Harmonia does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans. To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed;

meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contact