Senior Security Test and Evaluation Analyst

Edgewater Federal Solutions seeks an experienced Senior Security Test and Evaluation Analyst.  This role will implement comprehensive security testing to include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post-exploitation).

This work will be conducted onsite in Washington, DC.

• Implement comprehensive security testing to include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post-exploitation).
• Conduct security assessment activities (e.g., static or dynamic code review, system architecture diagram
• review, control evaluation).
• Analyze data, identify vulnerabilities, and develop corresponding mitigation strategies.
• Conduct scenario-based and functional security testing during authenticated and unauthenticated testing.

• At least five years of experience performing the functions associated with this labor category.
• Experience implementing comprehensive security tests that include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post exploitation) and other security assessment activities (e.g., static or dynamic code review, system architecture diagram review, control evaluation) to demonstrate or emulate an adversary’s ability to gain unauthorized access to sensitive data and systems that reside in either local (on-premises) or cloud computing solutions.
• Experience analyzing data, identifying vulnerabilities, and developing corresponding mitigation strategies.
• Experience conducting scenario-based and functional security testing during authenticated and unauthenticated testing.
• Deep understanding of network protocols, configurations, security technologies, and security practices, including network security, operating system hardening, database security, and web application security for both local (on-premises) and cloud computing solutions.
• Deep understanding of common vulnerabilities and attack vectors, including experience identifying and exploiting vulnerabilities in operating systems (e.g., Windows, Linux, and macOS), network devices (e.g., firewalls, routers, and switches) and web applications and application program interfaces (e.g., SQL injection, cross-site scripting and cross-site forgery).
• Certification in one of the following: 

• Certified Information Systems Security Professional (CISSP)
• Offensive Security Certified Professional (OSCP)
• GIAC Penetration Tester (GPEN)
• Equivalent

About Us:

Edgewater Federal Solutions is a privately held government contracting firm located in Frederick, MD. The company was founded in 2002 with the vision of being highly recognized and admired for supporting customer missions through employee empowerment, exceptional services and timely delivery. Edgewater Federal Solutions is ISO 9001, 20000-1, 270001 certified, appraised at CMMI Level 3 Maturity for Development and Services, and has been named in the Top Workplaces in the Greater Washington Area Small Companies for 2018 through 2024.

It has been and continues to be the policy of Edgewater Federal Solutions to provide equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, veteran status, and/or other statuses protected by applicable law. #LI-SW1