Lead Penetration Tester
Role details
Job location
Tech stack
Job description
Xtreme Solutions will execute the assessment over a five-week period utilizing a team of certified cybersecurity professionals specializing in penetration testing, Microsoft 365 security, Active Directory security, cloud security, and cybersecurity reporting. Activities begin with project kickoff and rules of engagement development, followed by concurrent external, internal, and Microsoft 365 security assessments. Findings are validated through peer review and quality assurance processes before being compiled into comprehensive technical and executive-level reports. The engagement concludes with an executive briefing and remediation roadmap presentation. Optional retesting services may be performed following remediation activities to validate corrective actions and confirm risk reduction., The Lead Penetration Tester serves as the technical authority for all penetration testing activities and is responsible for planning, executing, and reporting on security assessments of networks, applications, cloud environments, wireless systems, and enterprise infrastructure. The Lead Penetration Tester provides overall quality assurance, validates findings, and briefs executive stakeholders on risk and remediation strategies., * Lead external and internal penetration testing engagements.
- Conduct network, web application, API, cloud, and wireless assessments.
- Develop attack scenarios based on real-world adversary tactics.
- Perform manual exploitation and validation of vulnerabilities.
- Lead red team exercises and adversary emulation operations.
- Document findings with technical evidence and remediation recommendations.
- Present assessment results to technical and executive audiences.
- Ensure testing activities align with NIST, OWASP, PCI-DSS, and FedRAMP requirements.
- Mentor junior penetration testers and review deliverables.
Requirements
Do you have experience in Vuls?, Do you have a Bachelor's degree?, * Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field.
- Minimum 8 years of cybersecurity experience.
- Minimum 5 years of penetration testing experience.
- One or more of the following certifications:
- OSCP
- OSCE
- GXPN
- GPEN
- CEH
- CPTE
- Experience with:
- Burp Suite
- Metasploit
- Kali Linux
- Nmap
- Nessus
- OWASP Testing Methodology
Nice-to-Have
- CISSP
- CREST CRT
- eWPT
- Experience supporting federal agencies or DoD customers.