Job Details

ID #40914821
State Vermont
City Montpelier
Job type Permanent
Salary USD TBD TBD
Source DatamanUSA, LLC
Showed 2022-05-15
Date 2022-05-13
Deadline 2022-07-12
Category Et cetera
Create resume

Penetration Tester

Vermont, Montpelier, 05601 Montpelier USA

Vacancy expired!

DatamanUSA is looking for Penetration Tester for our direct client based in Montpelier, VT. This is a great opportunity for someone who is a quick learner with excellent people skills.

Job Details:

Title: Penetration Tester

Location: Montpelier, VT

Duration: 6+ months

Roles & Responsibilities:

) The VTax Staging environment is the internal-facing staging environment for Vermont's Integrated Tax System.

) This business application is a GenTax product used by VDT for processing personal and business taxes for the State of Vermont. The myVTax environment is the external-facing web application for the VDT's public users to manage personal and business taxes.

) ADS is seeking a contractor on behalf of VDT to perform systems penetration testing on both the internal and external facing environments to assess the extent of a compromise an attacker can achieve by identifying and exploiting any vulnerabilities.

) The contractor will provide the State with testing results along with recommendations for remediation and recommended corrective methods for any identified vulnerabilities.

Basic Qualifications:

1. The selected contractor will perform an external penetration test on the myVTax website to assess the extent of a compromise an attacker can achieve by identifying and exploiting any vulnerability.

2. The contractor will also perform an internal application test on the VTax Staging environment to assess the extent of a compromise an attacker can achieve by identifying and exploiting any vulnerabilities.

3. The contractor will produce an initial report of any findings within 5 business days following the completion of the initial testing of each environment.

4. The State reserves the right to request a one-time retest of any system vulnerabilities identified by the penetration test after the State has had an opportunity to address them.

5. In order to simulate an external cyberattack, the State is requiring "Black Box" penetration testing to be performed. This means the State will not provide the contractor with any information related to the systems being tested.

6. Penetration testing for the State will begin on or around May 31, 2022, and shall be completed no later than 10 business days after the start date. The contractor is authorized to perform this test during the testing period between 8:00 am and 4:30 pm EST.

7. The contractor will provide the State with a final report of any findings and results within 5 business days after the penetration testing is completed.

8. The report will include all identified vulnerabilities and recommended corrective methods, along with recommended corrective actions.

9. Following the penetration test and remediation of any specific vulnerabilities identified, the State can request the contractor perform a one-time recheck of those vulnerabilities.

10. Upon completion of this project the contractor will turn over or destroy any log files or other data captured as part of the test.

Vacancy expired!

Subscribe Report job