Associate Security Tester (US)

US-CC · Baltimore, Maryland
Department US-CC
Employment Type Full-Time
Minimum Experience Entry-level

Introduction:

Lightship Security is a market leader in IT security standards-based conformance testing and test automation. We work with leading edge security technology vendors from around the world to perform conformance testing to various IT security Standards such as FIPS 140-2 and Common Criteria.


Due to recent growth, Lightship is seeking an Associate Security Tester to work in the field of security testing. The successful candidate will work in a collaborative team environment and consult closely with project stakeholders to ensure a product’s conformance with the specified security requirements.

 

Key Responsibilities:

An Associate Security Tester will lead projects in the review, consultation, and assessment of products against international standards such as Common Criteria and FIPS 140-2 as well as against custom security requirements. A typical project includes participating in workshops with customers, consultation, and assessment of a product’s security architecture, constructing standards-based documentation such as a Security Target, analysis and assessment of system entropy quality, construction and/or execution of a standards-based test plan using Lightship’s Conformance Automation Platform tool, vulnerability analysis and penetration testing.


Projects will involve both hardware and software devices and the ideal candidate will have a strong background and knowledge of security products such as routers, switches, firewalls, VPN gateways, proxies, etc. The successful candidate will be able to demonstrate expertise with the Linux operating system, virtualization technologies, cryptographic concepts, and networking fundamentals. Knowledge and experience using X.509 PKI and cryptographic libraries is considered an asset.


As an Associate Security Tester, the candidate is expected to interface with customers to provide them with sound technical consulting and support during the testing process.

 

Technical Requirements:

  • Must have at a minimum of 1-3 years experience working with enterprise IT products (NetApp, Fortinet, Cisco...).
  • Strong knowledge of networking technologies, protocols, and information delivery such as: TCP/IP, SSL/TLS, SSH and HTTPS.
  • Experience with programming and scripting languages such as: Python, Bash and C.
  • Demonstrative experience using Linux and Windows operating systems.
  • Demonstrative experience with virtualization technologies, such as hypervisors and software-defined networking.
  • Experience with vulnerability analysis and penetration testing of both hardware and software targets.
  • Knowledge of fundamental cryptographic concepts and leading cryptographic algorithms.
  • A University degree or college diploma in a related technical field.
  • Knowledge of FIPS 140-2, Common Criteria, and other related standards are an asset.

 

Non-Technical Requirements:

  • Minimum 2 years experience in a customer-facing technical role.
  • Ability to manage concurrent projects.
  • Excellent communication skills: ability to express requirements in technical and non-technical terms to customers, peers, and management; must be able to prepare consistent and quality reports for consumption by critical customers.
  • A proven ability to work independently.
  • Possess creative and critical thinking skills.

 

Other Requirements:

  • Willing to travel domestic and internationally up to 20% of the time and hold a valid passport.


Potential to telework up to 50% of the time.

Thank You

Your application was submitted successfully.

  • Location
    Baltimore, Maryland
  • Department
    US-CC
  • Employment Type
    Full-Time
  • Minimum Experience
    Entry-level