Wisconsin DHS Technical Security Testing Lead (Pen Testing & Vulnerability SME)
Share
Job Location:
Madison, OH - USA
Monthly Salary:
Not Disclosed
Posted on:
4 hours ago
Vacancies:
1 Vacancy
Job Summary
Job Summary:
The Technical Security Testing Lead is responsible for planning executing and documenting comprehensive technical security testing activities. This includes vulnerability scanning segmentation testing configuration reviews and application-level testing ensuring alignment with established rules of engagement and security best practices. The role requires a strong understanding of security tools and cloud environments with the ability to identify vulnerabilities provide actionable recommendations and produce detailed technical reports.
The Technical Security Testing Lead is responsible for planning executing and documenting comprehensive technical security testing activities. This includes vulnerability scanning segmentation testing configuration reviews and application-level testing ensuring alignment with established rules of engagement and security best practices. The role requires a strong understanding of security tools and cloud environments with the ability to identify vulnerabilities provide actionable recommendations and produce detailed technical reports.
Location:Madison Wisconsin United States
Responsibilities:
- Develop and maintain a technical testing plan aligned with rules of engagement obtaining necessary approvals.
- Perform authenticated and unauthenticated vulnerability scanning.
- Conduct segmentation testing firewall rule analysis and network boundary validation.
- Validate configuration compliance against CIS Benchmarks.
- Perform DAST/SAST and code review as required.
- Support cloud security configuration reviews for cloud components.
- Produce technical evidence including screenshots logs and confirmed findings.
- Identify and justify false positives.
- Generate prioritized recommendations aligned to risk.
- Validate the accuracy of externally provided scans.
- Develop and maintain a technical testing plan aligned with rules of engagement obtaining necessary approvals.
- Perform authenticated and unauthenticated vulnerability scanning.
- Conduct segmentation testing firewall rule analysis and network boundary validation.
- Validate configuration compliance against CIS Benchmarks.
- Perform DAST/SAST and code review as required.
- Support cloud security configuration reviews for cloud components.
- Produce technical evidence including screenshots logs and confirmed findings.
- Identify and justify false positives.
- Generate prioritized recommendations aligned to risk.
- Validate the accuracy of externally provided scans.
Required Skills & Certifications:
- OS network and cloud security testing experience.
- Strong knowledge of vulnerability scanning tools (e.g. / Nessus Qualys Nmap Wireshark).
- Experience with CIS-CAT Pro.
- Experience with web application security testing tools (e.g. BurpSuite / OWASP ZAP).
- Familiarity with Azure/AWS security tools (e.g. GuardDuty Azure Defender).
- Ability to perform low-impact testing within production environments when permitted.
- OSCP or acceptable alternatives (CEH PenTest GPEN GWAPT).
- OS network and cloud security testing experience.
- Strong knowledge of vulnerability scanning tools (e.g. / Nessus Qualys Nmap Wireshark).
- Experience with CIS-CAT Pro.
- Experience with web application security testing tools (e.g. BurpSuite / OWASP ZAP).
- Familiarity with Azure/AWS security tools (e.g. GuardDuty Azure Defender).
- Ability to perform low-impact testing within production environments when permitted.
- OSCP or acceptable alternatives (CEH PenTest GPEN GWAPT).
Preferred Skills & Certifications:
- CISSP or CySA
- Azure/AWS Security Certifications
- CISSP or CySA
- Azure/AWS Security Certifications
Special Considerations:
- None specified.
- None specified.
Scheduling:
- Not specified.
- Not specified.
Key Skills
- Academics
- Apache Commons
- Apache Tomcat
- Filing
- Condition Monitoring
