RESPONSIBILITIES: Kforce has a client that is seeking an Application Security Tester in Falls Church, Virginia (VA). Summary: Application Security Tester - Able to plan, communicate, coordinate and conduct penetration tests and security assessments for applications, systems and enterprise networks. Candidates must have 3+ years of penetration testing experience. Job responsibilities: Plan, communicate, coordinate and perform penetration testing, application testing, and security assessments at application, system and enterprise level Develop Rules of Engagement, scoping documents and reports Perform manual penetration tests and validation of vulnerability scan results Develops automation/scripts for replicating vulnerability validation and penetration tests Devises plans and scenarios for various types of penetration tests Documents vulnerabilities, relevant exploits, and remediations in final vulnerability assessment report Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities Contributes to developing and implementing tools for penetration testing and early warning of weaknesses or possible incidents building on methodologies as promulgated by NIST, ISO, etc. to ensure useful, measurable, and repeatable methods applied to quantifying risk Selects, installs, and configures security testing platforms and tools or develop tools and procedures for penetration tests Performs penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.) Performs off-hours work as necessary REQUIREMENTS: Bachelor's degree in related field; Or in lieu of degree, equivalent experience in military, civil, or corporate areas will be considered Experience with cyber security development projects and programs for US Government and/or commercial clients Experience with process development and deployment Experience with the following technologies: Nessus Tenable SecurityCenter HP Fortify IBM AppScan WebInspect Experience with three or more of the following: Security COTS integration Operating System Hardening Vulnerability Assessment testing Identification and Authentication schemes Public Key Infrastructure and Identity Management Cross Domain Solutions Reverse Engineering Security engineering Mobile Technologies Cloud Computing Excellent writing skills Desired Certifications (one or more): OSCP CISSP SANS GCIH/GPEN/GWAPT CEH preferred Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.