information security specialist Montpelier, VT
Job description
Job Position:- Cybersecurity Penetration Testing
Duration: Long Term
Location Montpelier, Vermont
REQUIREMENTS:
1. The selected contractor will work closely with ADS, AOT and Deighton personnel as required during this engagement.
2. VAMIS OM Implementation schedule is such that if the testing cannot be done in parallel, The OM module needs to be tested first.
3. External web application penetration testing, of VAMIS against their “production like” environments. Two URLs. (Provided at project launch).
4. Endpoint penetration testing. One REST endpoint (provided at project launch)
5. Perform penetration tests including “black box” testing on the web site(s) / endpoints defined above to assess the extent of a compromise an attacker can achieve by identifying and exploiting any vulnerabilities. Also testing as an “authenticated user”. (Number of user roles goes here)
6. Comprehensive report of risk-ranked vulnerabilities/findings and associated exploits.
7. Following each penetration test and remediation of specific identified vulnerabilities, a retest will be performed specifically to determine whether the vulnerabilities were successfully remediated.
8. The contractor will log and trace every packet sent to Deighton as part of the test and shall provide log files to AOT as an addendum to the report deliverable(s).
9. Attestation of destruction of any information obtained by the contractor resulting from these penetration tests.
10. Penetration testing must be conducted from US soil. All data obtained in the course of this engagement must always remain on US soil . If this is not possible, please explain.
11. The contractor will produce an initial report of any findings within 5 business days following the completion of the initial testing.
12. Contractor is authorized to perform this test during the testing period between 8:00 am and 4:30 pm EST.
13. The contractor will provide the State with a final report of any findings and results within 5 business days after the penetration testing is completed.
14. The report will include all identified vulnerabilities, criticality levels, steps to reproduce or screenshots and recommended corrective methods and actions.
Job Type: Contract
Pay: $50.00 - $60.00 per hour
Schedule:
- 8 hour shift
Ability to commute/relocate:
- Montpelier, VT: Reliably commute or planning to relocate before starting work (Required)
Application Question(s):
- Are you a U.S. Citizen?
Experience:
- Cybersecurity: 5 years (Required)
- penetration testing: 5 years (Required)
Security clearance:
- Confidential (Preferred)
Work Location: In person
