Penetration Tester

The Penetration Tester - Lead supports the Small Business Administration (SBA) Enterprise Cybersecurity Services (ECS) program by leading advanced penetration testing, vulnerability assessment, adversarial simulation, and security validation activities supporting enterprise cybersecurity operations. The Penetration Tester - Lead performs expert-level offensive cybersecurity activities including network penetration testing, web application assessments, cloud security testing, wireless testing, red team operations, social engineering support, exploit validation, security control effectiveness testing, and advanced vulnerability analysis. The position provides technical leadership, testing strategy development, remediation validation, and risk-based recommendations to improve SBA's cybersecurity posture and enterprise resilience., * Lead enterprise penetration testing and vulnerability assessment activities supporting SBA ECS cybersecurity initiatives.

• Support Task Areas 3.5.4 and 3.5.4.7 by conducting advanced offensive security testing against enterprise systems, applications, cloud environments, networks, and security architectures.
• Plan, coordinate, and execute internal and external penetration testing engagements in accordance with federal cybersecurity standards and approved Rules of Engagement (ROE).
• Conduct application security testing against web applications, APIs, mobile applications, and cloud-hosted systems.
• Perform network penetration testing, exploitation, lateral movement analysis, privilege escalation testing, and post-exploitation activities.
• Execute adversarial emulation and red team exercises to evaluate security controls, monitoring capabilities, and incident response effectiveness.
• Conduct vulnerability validation, exploit research, attack-path analysis, and risk prioritization activities.
• Assess cloud security controls and configurations across Microsoft Azure, AWS, Microsoft 365, SaaS, and hybrid cloud environments.
• Perform wireless security testing, password auditing, authentication testing, and identity management assessments.
• Support phishing assessments, social engineering testing, and security awareness validation activities where authorized.
• Develop detailed technical penetration testing reports, executive summaries, remediation guidance, and risk assessment documentation.
• Provide technical recommendations for remediation of identified vulnerabilities, misconfigurations, and security gaps.
• Validate remediation efforts and conduct follow-up testing to confirm resolution of identified findings.
• Support development and refinement of penetration testing methodologies, procedures, testing standards, and operational playbooks.
• Coordinate with security engineers, SOC analysts, ISSOs, system administrators, cloud engineers, and program managers during testing activities.
• Assist with security architecture reviews, threat modeling, and attack surface analysis activities.
• Use automated and manual testing techniques to identify vulnerabilities and validate exploitability.
• Operate and maintain penetration testing toolsets, attack frameworks, vulnerability scanners, and security testing platforms.
• Support compliance and assessment activities aligned with NIST RMF, NIST SP 800-53, FISMA, FedRAMP, and Zero Trust Architecture requirements.
• Provide technical leadership and mentorship to junior penetration testers and cybersecurity analysts.
• Participate in incident response support, forensic investigations, and threat hunting activities as required.
• Support DevSecOps and secure software development initiatives through application security testing and code review support.
• Ensure all testing activities comply with federal security policies, legal requirements, approved authorizations, and ethical hacking standards.

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, Information Systems, or related discipline. Relevant experience may substitute for degree requirements.
• Minimum of 10 years of experience supporting penetration testing, vulnerability assessments, offensive cybersecurity operations, red teaming, or advanced cybersecurity engineering.
• Extensive experience conducting penetration testing against enterprise networks, web applications, cloud environments, and operating systems.
• Advanced knowledge of offensive security methodologies, exploitation frameworks, attack techniques, and adversarial tactics.
• Experience using penetration testing and security assessment tools such as Metasploit, Burp Suite, Nessus, Nmap, Kali Linux, Cobalt Strike, BloodHound, Wireshark, and related platforms.
• Strong understanding of network protocols, operating systems, identity management, authentication mechanisms, and cloud architectures.
• Experience with scripting or programming languages such as Python, PowerShell, Bash, JavaScript, or Go.
• Knowledge of NIST RMF, NIST SP 800-53, FISMA, FedRAMP, MITRE ATT&CK, and Zero Trust Architecture concepts.
• Experience leading penetration testing teams, coordinating testing engagements, and presenting findings to technical and executive stakeholders.
• Strong analytical, problem-solving, technical writing, and communication skills.
• Experience supporting federal agencies or government cybersecurity environments preferred.

Preferred Certifications

• Offensive Security Certified Professional (OSCP)
• Offensive Security Experienced Penetration Tester (OSEP)
• GIAC Penetration Tester (GPEN)
• GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
• Certified Ethical Hacker (CEH)
• Certified Information Systems Security Professional (CISSP)
• CompTIA PenTest+
• GIAC Web Application Penetration Tester (GWAPT)
• Certified Red Team Professional (CRTP)
• AWS Certified Security - Specialty
• Microsoft Certified: Azure Security Engineer Associate

Invitation for Job Applicants to Self-Identify as a U.S. Veteran

• A "disabled veteran" is one of the following:

• a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
• a person who was discharged or released from active duty because of a service-connected disability.

• A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
• An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
• An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.