Job Board

Duties and responsibilities:

• Conduct security testing of IT assets, web applications, infrastructure assets and technologies, mobile applications, custom developed software implementations, virtual technologies, COTS products, cloud implementations, common application platforms, and other technologies connecting to or interacting with the Judiciary network.
• Develop and maintain a repeatable methodology for performing security testing. Security test planning should include, but is not limited to: threat modeling, map business requirements to the applicable security requirements, determine appropriate security controls, test scenarios and test cases.
• Develop the Security Test Plans.
• Perform security testing, vulnerability analysis, and risk analysis in accordance with an industry-proven, repeatable methodology.
• Evaluate the effectiveness of security controls as they relate to the applicable security controls of the system tested.
• Relate test results to controls in NIST SP 800-53, as reflected in the JISF.
• Develop, maintain and use customized testing scripts (testing automation) for individual and team use.
• Develop and deliver reports as required.

Required Qualifications:

• Knowledge and experience with manual host testing per CIS benchmarks.
• 3-5+ years of experience in the information technology field.
• Knowledge of and experience with Nessus.
• Knowledge of OWASP Top 10.
• Some penetration testing experience required.
• Prefer knowledge of and experience with the following tools:
• Acunetix
• Burp Suite
• Appdetective
• DbVisualizer
• Knowledge of NIST SPs and NIST Risk Management Framework (RMF).
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Strong attention to detail.

Education Requirement: Bachelor's Degree in STEM field preferred.

Certification Requirement: Industry standard certification (e.g. Security+) preferred.

Clearance Requirement: Ability to obtain and maintain a Public Trust.

Why Join Gunnison?

• Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
• Quality is our top priority.
• Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
• As a small firm there is a great sense of camaraderie at Gunnison. Employees are treated like family. This is an atmosphere we will maintain as we continue to grow.
• We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
• We hire for careers at Gunnison, not to fill a position.

Employee Benefits

Gunnison employee benefits meet or beat other companies in the Washington, D.C. metropolitan area, including:

• Bonuses AND profit-sharing!
• 401k Matching
• Certifications and training allowance $2,500/year
• 3 weeks of personal leave your first year (160 hours can roll over every year)
• Up to 5 days of Flex-Time-Off per year

Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time

In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for 25 years.