Penetration Testing and Vulnerability Management Specialist

The Opportunity:

EGlobalTech, a Tetra Tech company, is adding a Penetration Testing and Vulnerability Management Specialist to our Systems Engineer team based in Atlanta, GA.  

Why Tetra Tech:

EGlobalTech has been a leader in the IT industry for 31 years. In 2019 we joined Tetra Tech, enabling us to combine our expertise with the reach and resources of a prestigious global organization. 

At Tetra Tech, we are Leading with Science to solve the world’s most complex challenges.  Our industry-leading experts in engineering and consulting are committed to driving positive change in communities around the world.  For over 50 years, we have been at the forefront of innovation and sustainability.  Today we stand as a market leader, offering cutting-edge solutions in water, environment, energy, and international development.  Our work has improved more than 625 million lives around the world.

Your Impact:

Join Tetra Tech to make a real difference.  Our work leverages cutting-edge technologies, advanced analytics, and the expertise of world-class scientists and engineers to create meaningful change around the world. Discover your full potential – join us to advance your career while leaving a lasting legacy.

Your Role:

 Qualified candidates should have experience in software assurance, penetration testing with a range of automated tools, security patch management, secure cloud, and hybrid engineering. This role offers excellent compensation, career growth potential, and a total rewards package that includes PTO, paid holidays and corporate events, continuing education reimbursements, 401K, an Employee Stock Purchase Plan (ESPP) through Tetra Tech, and more!  

Responsibilities:

• Perform penetration testing, software assurance, and vulnerability assessment in support of HHS customers.
• Interpret penetration testing results to identify and recommend corrective actions and/or mitigation strategies.
• Produce and deliver reports on individual and enterprise software assurance efforts, working with service providers and individual programs/systems. Deliverable: Software Assurance Reports.
• Identify and address security implications during software acceptance activities, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
• Perform security test assessments in support of HHS and system-specific software assurance efforts, working with service providers and individual programs.
• Collaborate with DevSecOps team participants from other organizations to integrate information assurance and cybersecurity needs and practices on a continuous basis throughout Agile development activities including, but not limited to: requirements, design, implementation, testing, and delivery of new IT solutions, applications, services, and systems, or updating and enhancing existing ones.
• Perform and document vulnerability assessments of Government-identified HHS systems (Deliverable: Vulnerability Assessment Reports).
• Update and maintain software assurance SOPs in accordance with IC and HHS policy (Deliverable: Software Assurance Standard Operating Procedures).
• Annually review and update, as needed, all security configurations within automated DevSecOps tools and manual processes to ensure compliance with IC policy. Upon government approval, implement changes to processes and technologies for penetration testing, software assurance, and vulnerability assessment activities, and report metrics in Monthly Status Reports.
• Conduct activities in line with internal procedures, legislation, and industry standards.
• Pursue continuous professional development and maintain a high degree of discipline knowledge and awareness.
•   Work in a safe manner at all times and report all health and safety incidents and concerns
•    Additional duties as required.

Required Qualifications:

• Bachelor's Degree or Master's Degree in a technology discipline from an accredited university.
• Candidate must have Top Secret clearance that is verifiable in DISS
• Must have at least 8+ years of total cyber security and or information technology professional experience.
• Must have at least 5+ years of recent experience in the following technical areas: software assurance, penetration testing with a range of automated tools, security patch management, secure cloud, and hybrid engineering, and CDS, Web application tools
• Cyber security certifications as a Certified Ethical Hacker (CEH) and CISSP, CASP, or comparable demonstrable experience are preferred but not required.
• Must be proficient in the use of Nessus Security Center, Security Content Automation Protocol (SCAP), Web Application Scanning, Penetration Testing, Webinspect, Fortify, and similar tools. Must have recent Software Assurance experience. SonarCube experience is preferred.
• Linux and Cisco Routing and Switching experience.
• This position requires a badge and or clearance the requires an extensive background, credit, and drug screening check.