Penetration Tester


  • Review the implementation of forms used in browser-based/Web applications and perform input-poisoning attacks
  • Provide server support
  • Conduct web application and code testing for all systems and applications, and open source dependencies, providing analysis and risk assessments for vulnerabilities discovered
  • Utilize code analysis and fuzzing tools that are furnished or approved by the Federal Agency to assess the quality and security of source code
  • Attempt to subvert applications and database security controls
  • Test susceptibility to other input poisoning
  • Provide reports as needed to the Federal Agency based on testing.
  • Be flexible to support multiple PEN engagements as needed.
  • Conduct testing in accordance with the following Federal standards, and Industry best practices:
    • National Institute of Standards and Technology (NIST) Technical Guide to Information Security Testing and Assessment SP800-15
    • Open Web Application Security Project (OWASP)

Required Skills:

  • Green Card or US Citizen preferred.
  • Strong knowledge to perform the tests below:
    • Penetration testing/documentation
    • Malicious Software Analysis
  • Strong foundation in one or more of the following:
    • Authentication methods
    • Network & Cloud security best practices
    • Strong technical acumen securing software
  • Experience with tools such as or similar to Nessus/AppScan/Burp Suite in a complex network environment will be preferred
  • Demonstrated ability to exploit and mitigate application-level vulnerabilities

Education/Experience Level:

  • 2-4 years of security-related experience and background
  • A Bachelor’s degree or equivalent experience in Computer Science, Electrical Engineering, Information Assurance, Network Security, Computer Engineering or related field.

Founded in 2004, Sparksoft is a Small Business (WOSB), Small Disadvantaged Business (SDB), CMMI Level 3, ISO 9001:2015, ISO 27001:2013, HUBZone, 8(a), Women-Owned, and Minority-owned business (SWaM), MBE/DBE/SBE holding prime contracts with SPARC, GSA and Navy Seaport-e. Led by a team with over 20 years of industry experience, we have a proven track record in software development and managing multi-year projects. We work in both federal and commercial spaces, providing innovative solutions in Agile Software Testing, Software Engineering, Program Management, Security & Privacy Solutions, Delivery Management and Health IT. We have dedicated Centers of Excellence in software testing, independent verification and validation, and security and privacy that are designed to fulfill the IT needs of any commercial or government field.
Sparksoft is an Affirmative Action/Equal Opportunity Employer and does not discriminate against any applicant for employment or employee because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other characteristic prohibited under Federal, State, or local laws.
