Penetration Tester at Connsci
Description
We are seeking a Penetration Tester for one of our government programs.
This individual will be responsible for penetration testing, vulnerability and compliance testing, web application testing, API testing, and supporting various audit and reporting functions.
Responsibilities
Vulnerability & Compliance Testing: Conduct authenticated vulnerability scans and compliance evaluations across networks, systems, endpoints, and cloud platforms.
Web Application Testing: Conduct security assessments of agency web applications using OWASP Top 10 and industry best practices.
Perform authenticated/unauthenticated scans using tools like Burp Suite and OWASP ZAP.
Identify vulnerabilities such as injection flaws, authentication weaknesses, session mismanagement, and sensitive data exposure.
Validate application security controls against NIST CSF subcategories.
API Testing: Evaluate REST/GraphQL APIs for authentication, authorization, and input validation weaknesses.
Conduct fuzzing and misuse testing to identify broken object-level authorization (BOLA) and mass assignment vulnerabilities.
- Role: Penetration Tester
- Company: Connsci
- Location: Gaithersburg, MD
- Job found on: 7th of October, 2025


