View Our Website View All Jobs

Web Application Penetration Tester

Web Application Penetration Tester

TISTA Science and Technology Corporation, a CMMI Maturity Level 3 company, focuses on delivering information technology (IT) and professional services to Federal and State agencies. TISTA is an Inc. 500 company, a recipient of the 2010 Top 100 Service-Disabled Veteran-Owned Businesses from Diversity Business, recognized in Washington Technology’s FAST 50 list of the fastest growing small businesses in government contracting in 2012 & 2013, recognized as the Top 25 Fastest Growing Small Technology companies by the Washington Business Journal in 2014 & 2015, and selected as the Veteran Owned Company of the Year in 2014 by the Montgomery County MD Dept. of Economic Development. 

Job Description:

Conduct network and web application penetration testing, code reviews, social engineering, red team engagements, and physical security assessments. Conduct security assessments on a wide variety of technologies and implementations. Simulate sophisticated cyber attacks for clients worldwide. Write reports to document your findings and brief event details to stakeholders.


  • Eight or more (8+) years of experience in IT (hands on technical), with expertise and/or training in penetration testing or vulnerability assessment. 
  • 10+ years of (technical) Information Security, Red Team, development operations, incident response, or forensics analysis experience
  • Extensive hands-on experience with ethical hacking, firewall and intrusion detection and prevention technologies, secure coding practices, and threat modeling.
  • Expert knowledge of defensive cybersecurity techniques and technologies.
  • Must have - Hands-on experience with one or more scripting languages such as Python, Powershell, WMI, Bash, AWK, JavaScript, or Ruby.
  • An aptitude for technical writing, including assessment reports, presentations and operating procedures.
  • Expert understanding of Open Source Security Testing Methodology Manual (OSSTMM), Open Web Application Security Project (OWASP), and National Institute of Standards and Technology (NIST) Special Publications.
  • Experience with API testing and Mobile Application testing. Expert knowledge of defensive security techniques and technologies.


  • Bachelor's degree in Computer Science or Cybersecurity; can be substituted for years of experience
  • DOD IAT level III compliant and two or more from the following categories:
  • Incident Response and Forensics: GCFA, GCIH,
  • Penetration testing: GPEN, GXPN, GWAPT, LPT, OSCP, OCSE

Security Clearance Requirement:

Top Secret SCI


Fort Meade, MD

Equal Opportunity Statement:

TISTA is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.



Read More

Apply for this position

Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity / Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Veteran/Disability status