Senior Penetration Tester (59660)

{
  "content_hash": "438a7ce54e418aaa583e1b9d5067e679da6734d6183b53993a8b0ba43d28718a",
  "source_hash": "b02c7518a51644dfa4f3c8a9f0b3f988dda1aae7e6a94f16924c83c257222d46",
  "last_changed_at": "2026-05-31T19:06:22.044Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA",
    "city": null,
    "region": "VA",
    "country": "United States",
    "is_remote": true,
    "confidence": 0.8
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T09:54:32.591Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "REMOTE (United States) - Remote, VA 22211; No Address, Remote, VA, 22211, USA",
      "city": null,
      "region": "VA",
      "country": "United States",
      "is_remote": true,
      "confidence": 0.8
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "remote",
  "salary_period": "day",
  "workplace_type": "remote",
  "salary_currency": null
}

{}

{
  "detail": {
    "city": "Remote",
    "jobId": 304563,
    "level": "Experienced",
    "endDate": "",
    "legalId": 4330,
    "isHotJob": false,
    "jobShift": "Day",
    "jobTitle": "Senior Penetration Tester (59660)",
    "location": "REMOTE (United States) - Remote, VA 22211",
    "startDate": "",
    "clientCode": "0QS68",
    "remoteType": "",
    "description": "<p style=\"text-align: center;\"><span style=\"display:block;font-size:16px;\">BMA is seeking a <strong>Senior Penetration Tester&nbsp;</strong>to support our&nbsp;<span style=\"font-family:Arial,Helvetica,sans-serif;\"><span style=\"color: black;\">Cybersecurity Assessment Program (</span></span>CAP) Program. This position is fully <strong>remote</strong>&nbsp;and <strong>contingent</strong> on contract award.&nbsp;</span></p>\r\n\r\n<p>&nbsp;</p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong>Job Summary&nbsp;</strong></span></span></p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Key elements of this work consist of but are not limited to:</span></span></p>\r\n\r\n<ul>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Independently performs penetration testing of applications, systems, and enclaves; identifies security flaws in computing platforms and applications and devises strategies and techniques to mitigate identified cybersecurity risks</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Performs application, network, and wireless penetration testing and security assessments</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Applies offensive cybersecurity testing techniques and coordinates testing projects with internal and external system owners</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Reports on identified cybersecurity risks and recommends mitigation measures to improve the overall cybersecurity posture of the enterprise</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Applies in-depth knowledge of network protocols, operating systems, web application security, reverse engineering, and scripting languages to identify and mitigate vulnerabilities before they can be exploited by threat actors</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Continuously refines and improves cybersecurity defenses and incident response plans</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Supports the development of Assessment Final Reports, Mitigation Effectiveness Reports, and Rules of Engagement</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Supports daily hotwash events, briefings and presentations, and scoping meetings</span></span></li>\r\n</ul>\r\n\r\n<p>&nbsp;</p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong>Clearance Requirements&nbsp;</strong></span></span></p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">An active <strong>Secret</strong> security clearance is required at the time of proposal submission.</span></span></p>\r\n\r\n<p>&nbsp;</p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong>Required Skills &amp; Certifications&nbsp;</strong></span></span></p>\r\n\r\n<article data-scroll-anchor=\"true\" data-testid=\"conversation-turn-96\" data-turn=\"assistant\" data-turn-id=\"request-WEB:cad5961b-245a-4e50-ac2f-cfbe5690b385-47\" dir=\"auto\" tabindex=\"-1\">\r\n<ul>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">6+ years of proven proficiency performing extensive vulnerability assessments and penetration testing</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">3+ years of experience using testing tools including NESSUS, Metasploit, CANVAS, Nmap, Burp Suite, and Kismet</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">3+ years of experience performing network vulnerability assessments and applying penetration testing methodologies</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">3+ years of experience writing penetration testing and assessment reports</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">2+ years of experience administering, using, and troubleshooting Windows Server and IIS</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">2+ years of experience administering, using, and troubleshooting a major Linux distribution</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">2+ years of experience performing PCI DSS testing</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Possession of one or more penetration testing certifications such as Licensed Penetration Tester (LPT), Certified Expert Penetration Tester (CEPT), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN)</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Knowledge of TCP/IP protocols and networking architectures</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Knowledge of open security testing standards and projects, including OWASP</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Knowledge of database, application, and web server design and implementation</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Experience scripting in Perl, Python, Ruby, Bash, or Java</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Experience with wireless LAN security testing</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Excellent oral communication, written documentation, and presentation skills</span></span></li>\r\n</ul>\r\n\r\n<p>&nbsp;</p>\r\n</article>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong>Desired Skills &amp; Certifications</strong></span></span></p>\r\n\r\n<ul>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Experience supporting DLA contracts</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Bachelor&rsquo;s degree in a relevant technical field</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Project Management Professional (PMP) certification</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Familiarity with enterprise networks and systems, including servers, databases, APIs, and Active Directory</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Familiarity with web application concepts such as session management, business logic, and input validation</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Familiarity with AI and large language model (LLM) security concerns, including data poisoning and prompt injection exploitation</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Familiarity with operational technology (OT) environments, including SCADA system security and PLC security</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Familiarity with wireless networks, including Bluetooth security and wireless intrusion detection and prevention systems (WIDS/WIPS)</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Familiarity with DevSecOps pipelines, including SAST, DAST, and SCA implementation and automated security testing</span></span></li>\r\n\t<li><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">Familiarity with hybrid environments, including the interconnectivity and security of on-premises and cloud-based systems</span></span></li>\r\n</ul>\r\n\r\n<p>&nbsp;</p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong>Other Duties</strong></span></span></p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.&nbsp;</span></span></p>\r\n\r\n<p>&nbsp;</p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong>Overview</strong></span></span></p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">BMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.</span></span></p>\r\n\r\n<p>&nbsp;</p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong>Benefits</strong></span></span></p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\">We believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident &amp; illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.&nbsp;</span></span></p>\r\n\r\n<p>&nbsp;</p>\r\n\r\n<p><span style=\"display:block;font-size:14px;\"><span style=\"font-family:Arial,Helvetica,sans-serif;\"><strong>AAP &amp; EEO Statement</strong><br />\r\n&nbsp;Beshenich Muir &amp; Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.</span></span>&nbsp;</p>\r\n",
    "jobCategory": "Professional Services",
    "salaryRange": "",
    "socialMedia": {
      "xLink": null,
      "emailLink": {
        "subject": "Bma%20Technical%20Services%20Inc%20Job%20Opportunity%20Senior%20Penetration%20Tester%20%2859660%29",
        "summary": "BMA%20is%20seeking%20a%20Senior%20Penetration%20Tester%C2to%20support%20our%C2Cybersecurity%20Assessment%20Program%20%28CAP%29%20Program.%20This%20position%20is%20fully%20remote%C2and%20contingent%20on%20contract%20award.%C2%0D%0A%0D%0A%C2%0D%0A%0D%0AJob%20Summary%C2%0D%0A%0D%0AKey%20elements%20of%20this%20work%20consist%20of%20but%20are%20not%20limited%20to%3A%0D%0A%0D%0A%0D%0A%09Independently%20performs%20penetration%20testing%20of%20applications%2C%20systems%2C%20and%20enclaves%3B%20identifies%20security%20flaws%20in%20computing%20platforms%20and%20applications%20and%20devises%20strategies%20and%20techniques%20to%20mitigate%20identified%20cybersecurity%20risks%0D%0A%09Performs%20application%2C%20network%2C%20and%20wireless%20penetration%20testing%20and%20security%20assessments%0D%0A%09Applies%20offensive%20cybersecurity%20testing%20techniques%20and%20coordinates%20testing%20projects%20with%20internal%20and%20external%20system%20owners%0D%0A%09Reports%20on%20identified%20cybersecurity%20risks%20and%20recommends%20mitigation%20measures%20to%20improve%20the%20overall%20cybersecurity%20posture%20of%20the%20enterprise%0D%0A%09Applies%20in-depth%20knowledge%20of%20network%20protocols%2C%20operating%20systems%2C%20web%20application%20security%2C%20reverse%20engineering%2C%20and%20scripting%20languages%20to%20identify%20and%20mitigate..."
      },
      "facebookLink": {
        "redirectUri": "",
        "facebookAppId": "773759036043100"
      },
      "linkedInLink": {}
    },
    "isQuickApply": false,
    "positionType": "Full Time",
    "countryPaidIn": "",
    "googleJobJson": "{\"@context\":\"https://schema.org/\",\"@type\":\"JobPosting\",\"title\":\"Senior Penetration Tester (59660)\",\"identifier\":\"J0QS68304563\",\"url\":\"https://www.paycomonline.net/v4/ats/web.php/portal/BD1EA60AEEB10C351C9D11F5ACCAE8B8/jobs/304563\",\"image\":\"https://www.paycomonline.net/v4/ats/web.php/application/style/logo?clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8\",\"datePosted\":\"2026-02-12\",\"description\":\"Job DetailsLevel: ExperiencedJob Location: REMOTE (United States) - Remote, VA 22211Position Type: Full TimeEducation Level: Bachelor's DegreeTravel Percentage: Occasionally Job Shift: DayJob Category: Professional ServicesBMA is seeking a Senior Penetration Tester&nbsp;to support our&nbsp;Cybersecurity Assessment Program (CAP) Program. This position is fully remote&nbsp;and contingent on contract award.&nbsp;\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nJob Summary&nbsp;\\r\\n\\r\\nKey elements of this work consist of but are not limited to:\\r\\n\\r\\n\\r\\n\\tIndependently performs penetration testing of applications, systems, and enclaves; identifies security flaws in computing platforms and applications and devises strategies and techniques to mitigate identified cybersecurity risks\\r\\n\\tPerforms application, network, and wireless penetration testing and security assessments\\r\\n\\tApplies offensive cybersecurity testing techniques and coordinates testing projects with internal and external system owners\\r\\n\\tReports on identified cybersecurity risks and recommends mitigation measures to improve the overall cybersecurity posture of the enterprise\\r\\n\\tApplies in-depth knowledge of network protocols, operating systems, web application security, reverse engineering, and scripting languages to identify and mitigate vulnerabilities before they can be exploited by threat actors\\r\\n\\tContinuously refines and improves cybersecurity defenses and incident response plans\\r\\n\\tSupports the development of Assessment Final Reports, Mitigation Effectiveness Reports, and Rules of Engagement\\r\\n\\tSupports daily hotwash events, briefings and presentations, and scoping meetings\\r\\n\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nClearance Requirements&nbsp;\\r\\n\\r\\nAn active Secret security clearance is required at the time of proposal submission.\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nRequired Skills &amp; Certifications&nbsp;\\r\\n\\r\\n\\r\\n\\r\\n\\t6+ years of proven proficiency performing extensive vulnerability assessments and penetration testing\\r\\n\\t3+ years of experience using testing tools including NESSUS, Metasploit, CANVAS, Nmap, Burp Suite, and Kismet\\r\\n\\t3+ years of experience performing network vulnerability assessments and applying penetration testing methodologies\\r\\n\\t3+ years of experience writing penetration testing and assessment reports\\r\\n\\t2+ years of experience administering, using, and troubleshooting Windows Server and IIS\\r\\n\\t2+ years of experience administering, using, and troubleshooting a major Linux distribution\\r\\n\\t2+ years of experience performing PCI DSS testing\\r\\n\\tPossession of one or more penetration testing certifications such as Licensed Penetration Tester (LPT), Certified Expert Penetration Tester (CEPT), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN)\\r\\n\\tKnowledge of TCP/IP protocols and networking architectures\\r\\n\\tKnowledge of open security testing standards and projects, including OWASP\\r\\n\\tKnowledge of database, application, and web server design and implementation\\r\\n\\tExperience scripting in Perl, Python, Ruby, Bash, or Java\\r\\n\\tExperience with wireless LAN security testing\\r\\n\\tExcellent oral communication, written documentation, and presentation skills\\r\\n\\r\\n\\r\\n&nbsp;\\r\\n\\r\\n\\r\\nDesired Skills &amp; Certifications\\r\\n\\r\\n\\r\\n\\tExperience supporting DLA contracts\\r\\n\\tBachelor&rsquo;s degree in a relevant technical field\\r\\n\\tProject Management Professional (PMP) certification\\r\\n\\tFamiliarity with enterprise networks and systems, including servers, databases, APIs, and Active Directory\\r\\n\\tFamiliarity with web application concepts such as session management, business logic, and input validation\\r\\n\\tFamiliarity with AI and large language model (LLM) security concerns, including data poisoning and prompt injection exploitation\\r\\n\\tFamiliarity with operational technology (OT) environments, including SCADA system security and PLC security\\r\\n\\tFamiliarity with wireless networks, including Bluetooth security and wireless intrusion detection and prevention systems (WIDS/WIPS)\\r\\n\\tFamiliarity with DevSecOps pipelines, including SAST, DAST, and SCA implementation and automated security testing\\r\\n\\tFamiliarity with hybrid environments, including the interconnectivity and security of on-premises and cloud-based systems\\r\\n\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nOther Duties\\r\\n\\r\\nThis job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.&nbsp;\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nOverview\\r\\n\\r\\nBMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nBenefits\\r\\n\\r\\nWe believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident &amp; illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.&nbsp;\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nAAP &amp; EEO Statement\\r\\n&nbsp;Beshenich Muir &amp; Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.&nbsp;\\r\\nQualifications\",\"responsibilities\":\"BMA is seeking a Senior Penetration Tester&nbsp;to support our&nbsp;Cybersecurity Assessment Program (CAP) Program. This position is fully remote&nbsp;and contingent on contract award.&nbsp;\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nJob Summary&nbsp;\\r\\n\\r\\nKey elements of this work consist of but are not limited to:\\r\\n\\r\\n\\r\\n\\tIndependently performs penetration testing of applications, systems, and enclaves; identifies security flaws in computing platforms and applications and devises strategies and techniques to mitigate identified cybersecurity risks\\r\\n\\tPerforms application, network, and wireless penetration testing and security assessments\\r\\n\\tApplies offensive cybersecurity testing techniques and coordinates testing projects with internal and external system owners\\r\\n\\tReports on identified cybersecurity risks and recommends mitigation measures to improve the overall cybersecurity posture of the enterprise\\r\\n\\tApplies in-depth knowledge of network protocols, operating systems, web application security, reverse engineering, and scripting languages to identify and mitigate vulnerabilities before they can be exploited by threat actors\\r\\n\\tContinuously refines and improves cybersecurity defenses and incident response plans\\r\\n\\tSupports the development of Assessment Final Reports, Mitigation Effectiveness Reports, and Rules of Engagement\\r\\n\\tSupports daily hotwash events, briefings and presentations, and scoping meetings\\r\\n\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nClearance Requirements&nbsp;\\r\\n\\r\\nAn active Secret security clearance is required at the time of proposal submission.\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nRequired Skills &amp; Certifications&nbsp;\\r\\n\\r\\n\\r\\n\\r\\n\\t6+ years of proven proficiency performing extensive vulnerability assessments and penetration testing\\r\\n\\t3+ years of experience using testing tools including NESSUS, Metasploit, CANVAS, Nmap, Burp Suite, and Kismet\\r\\n\\t3+ years of experience performing network vulnerability assessments and applying penetration testing methodologies\\r\\n\\t3+ years of experience writing penetration testing and assessment reports\\r\\n\\t2+ years of experience administering, using, and troubleshooting Windows Server and IIS\\r\\n\\t2+ years of experience administering, using, and troubleshooting a major Linux distribution\\r\\n\\t2+ years of experience performing PCI DSS testing\\r\\n\\tPossession of one or more penetration testing certifications such as Licensed Penetration Tester (LPT), Certified Expert Penetration Tester (CEPT), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN)\\r\\n\\tKnowledge of TCP/IP protocols and networking architectures\\r\\n\\tKnowledge of open security testing standards and projects, including OWASP\\r\\n\\tKnowledge of database, application, and web server design and implementation\\r\\n\\tExperience scripting in Perl, Python, Ruby, Bash, or Java\\r\\n\\tExperience with wireless LAN security testing\\r\\n\\tExcellent oral communication, written documentation, and presentation skills\\r\\n\\r\\n\\r\\n&nbsp;\\r\\n\\r\\n\\r\\nDesired Skills &amp; Certifications\\r\\n\\r\\n\\r\\n\\tExperience supporting DLA contracts\\r\\n\\tBachelor&rsquo;s degree in a relevant technical field\\r\\n\\tProject Management Professional (PMP) certification\\r\\n\\tFamiliarity with enterprise networks and systems, including servers, databases, APIs, and Active Directory\\r\\n\\tFamiliarity with web application concepts such as session management, business logic, and input validation\\r\\n\\tFamiliarity with AI and large language model (LLM) security concerns, including data poisoning and prompt injection exploitation\\r\\n\\tFamiliarity with operational technology (OT) environments, including SCADA system security and PLC security\\r\\n\\tFamiliarity with wireless networks, including Bluetooth security and wireless intrusion detection and prevention systems (WIDS/WIPS)\\r\\n\\tFamiliarity with DevSecOps pipelines, including SAST, DAST, and SCA implementation and automated security testing\\r\\n\\tFamiliarity with hybrid environments, including the interconnectivity and security of on-premises and cloud-based systems\\r\\n\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nOther Duties\\r\\n\\r\\nThis job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.&nbsp;\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nOverview\\r\\n\\r\\nBMA is an employee-owned small business headquartered in Huntsville, AL that provides superior customer service by empowering all levels of our staff to make timely decisions to produce high-quality results. BMA fosters an environment of passion, precision, and dedication in order to fulfill our commitments to our partners, government, and country.\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nBenefits\\r\\n\\r\\nWe believe that our employees well-being is paramount to our success so our benefits package has been crafted with that in mind. We offer multiple healthcare coverage options to include low deductible, high deductible, and plans eligible for our Health Savings Account (HSA) option. Along with medical coverage, employees have dental, vision, accident &amp; illness, short- and long-term disability all available to them. BMA proudly maintains a 401(k) plan with an industry leading 6% match that can include profit sharing based on company performance. Lastly, being an employee-owned company means that BMA offers a 100% Employee Stock Ownership Plan (ESOP), providing eligible employees the opportunity to earn stock in BMA, subject to plan eligibility and vesting requirements.&nbsp;\\r\\n\\r\\n&nbsp;\\r\\n\\r\\nAAP &amp; EEO Statement\\r\\n&nbsp;Beshenich Muir &amp; Associates, LLC (BMA) is an Equal opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable Federal, State, or Local Law.&nbsp;\\r\\n\",\"employmentType\":\"FULL_TIME\",\"hiringOrganization\":{\"@type\":\"Organization\",\"name\":\"BMA TECHNICAL SERVICES INC\",\"logo\":\"https://www.paycomonline.net/v4/ats/web.php/application/style/logo?clientkey=BD1EA60AEEB10C351C9D11F5ACCAE8B8\"},\"jobLocation\":{\"@type\":\"Place\",\"address\":{\"streetAddress\":\"No Address \",\"addressLocality\":\"Remote\",\"addressRegion\":\"VA\",\"postalCode\":22211,\"addressCountry\":\"USA\"}},\"industry\":\"Professional Services\",\"validThrough\":\"-0001-11-30\",\"workHours\":\"Day\",\"educationRequirements\":\"Bachelor's Degree\"}",
    "applyAvailable": true,
    "educationLevel": "Bachelor's Degree",
    "qualifications": "",
    "descriptionTitle": "Description",
    "travelPercentage": "Occasionally ",
    "jobYoutubeVideoId": "",
    "legalRevisionDate": {
      "date": "2025-05-05T14:10:08.000Z",
      "timezone": "America/Chicago",
      "timezone_type": 3
    },
    "secondaryLocations": [],
    "primaryPhoneCountry": "US",
    "primaryPhoneEnabled": true,
    "qualificationsTitle": "Qualifications",
    "primaryPhoneRequired": true,
    "primaryPhoneNumberDoesNotExist": false
  },
  "preview": {
    "jobId": 304563,
    "isHotJob": false,
    "jobTitle": "Senior Penetration Tester (59660)",
    "postedOn": "",
    "locations": "REMOTE (United States) - Remote, VA 22211",
    "remoteType": "",
    "description": "BMA is seeking a Senior Penetration Tester to support our Cybersecurity Assessment Program (CAP) Program. This position is fully remote and contingent...",
    "positionType": "Full Time"
  },
  "detail_meta": {
    "url": "https://portal-applicant-tracking.us-cent.paycomonline.net/api/ats/job-postings/304563",
    "http_status": 200,
    "content_type": "application/json",
    "response_bytes": 33748
  },
  "detail_errors": []
}