1 to 25 of 568 Permanent Penetration Testing Jobs

recommend improvements. Generate compliance reports, incident summaries, and vulnerability assessment findings for Federal stakeholders. Vulnerability Management & Network Security Oversee the configuration, maintenance, and administration of network security appliances. Perform penetration testing, vulnerability scanning, and remediation efforts to identify and address security weaknesses. Maintain up-to-date knowledge of cyber threats, attack vectors, and security technologies to enhance defensive … Develop strategic plans for cybersecurity improvements, system hardening, and security automation. Identify and implement emerging security technologies to strengthen the organization's cyber defense. Conduct security tabletop exercises and penetration testing drills to improve response capabilities. Communication & Reporting Prepare and deliver technical reports, security incident summaries, and risk mitigation strategies to Federal leadership. Act as a liaison between … ASA, Palo Alto, or equivalent) SIEM solutions (Splunk, ArcSight, or ELK Stack) Intrusion detection/prevention systems (IDS/IPS) Incident response and forensic analysis tools Vulnerability assessment and penetration testing tools Knowledge of cyber threat intelligence, risk assessments, and compliance frameworks (NIST, RMF, FISMA, FedRAMP, etc.). Proven ability to lead teams, mentor security analysts, and foster More ❯

net-centric capabilities, as well as detection of, identification of and response to attacks. Securing development environments and software through application security architecture software evaluations web application vulnerability assessment penetration testing and fuzzing, malware research and vulnerability mitigation. Work to achieve key project/program objectives and deliverables. Responsible for entire projects or processes spanning multiple technical areas. … development practices (DevSecOps). Leverage Infrastructure as Code (IaC) to automate security configurations and reduce misconfigurations. Develop and manage vulnerability management programs, ensuring timely remediation of discovered vulnerabilities. Conduct penetration testing, red team/blue team exercises, and security audits to assess and enhance system resilience. Collaborate with system administrators and developers to prioritize and remediate identified vulnerabilities. … or Offensive Security Certified Professional (OSCP). AWS Certified Security - Specialty, Azure Security Engineer Associate, or Google Professional Cloud Security Engineer. Certified Cloud Security Professional (CCSP). Experience conducting penetration testing, red team/blue team exercises, and vulnerability assessments. Knowledge of Zero Trust security models and micro-segmentation principles. Original Posting: March 30, 2025 For U.S. Positions More ❯

retain, and develop talent and expertise, including application security specialists. Set and maintain the team's culture and tone. Business Continuity and Disaster Recovery : Contribute to the development and testing of business continuity and disaster recovery plans from an information security perspective, including considerations for application security. Security Monitoring and Incident Response : Establish and maintain processes for continuous security … and controls, including but not limited to, firewalls, intrusion detection/prevention systems, security information and event management (SIEM), data loss prevention (DLP), vulnerability management tools, and application security testing tools. Secure Software Development Lifecycle (SSDLC) : Integrate security best practices into the software development lifecycle. Work closely with development teams to ensure secure coding practices, conduct comprehensive security testing (e.g., penetration testing, vulnerability scanning, application security reviews), and promote a security-aware development culture with a strong application security focus. Third-Party Risk Management : Develop and implement a program for assessing and managing the information security risks, including application security risks, associated with third-party vendors and service providers. Security Awareness and Training : Develop and deliver More ❯

and implementation for the firms IT security maturity programme projects. Support the integration of new IT Security technologies. Introduce and integrate tools to enhance internal capabilities for routine security testing activities. Develop and deploy tools and automation to streamline common IT Security Operations tasks. Identify areas of cyber security improvement to ensure cyber security and data security by design … languages such as PowerShell (preferred), Python, Perl, etc. Strong understanding of network, cloud computing and application of security controls across such architectures. Experience with network security, incident management, and penetration testing. Strong up-to-date knowledge of Cyber Security. Required Skills Experience with EDR and Anti-Virus/Malware management such as SentinelOne, CrowdStrike and Defender. Demonstrated ability working More ❯

About Darkshield Darkshield is an expert cybersecurity agency based in York, UK. We help organisations navigate an increasingly complex digital landscape by providing expert services in penetration testing, vulnerability assessment, managed security, and compliance . Our mission is to protect businesses by delivering tailored, cutting-edge cybersecurity solutions that keep them resilient and ahead of cyber threats. The … incident response efforts related to cloud security breaches and misconfigurations. Implement SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/ More ❯

net-centric capabilities, as well as detection of, identification of and response to attacks. Secure development environments and software through application security architecture software evaluations web application vulnerability assessment penetration testing and fuzzing, malware research and vulnerability mitigation. Work independently to achieve day-to-day objectives with significant impact on operational results or project deliverables. Responsible for entire … or Offensive Security Certified Professional (OSCP). AWS Certified Security - Specialty, Azure Security Engineer Associate, or Google Professional Cloud Security Engineer. Certified Cloud Security Professional (CCSP). Experience conducting penetration testing, red team/blue team exercises, and vulnerability assessments. Knowledge of Zero Trust security models and micro-segmentation principles. Original Posting: March 30, 2025 For U.S. Positions More ❯

operations of experimental payloads. AFRL will provide the satellite bus and payload with all available documentation to date. you will play a key role in the development, integration, and testing of cutting-edge software for space systems. Working alongside other engineers and researchers, you will focus on designing, building, and implementing software solutions for space technology prototypes. Why Join … strategies to safeguard systems and data. Incident Response: Lead the identification, analysis, and resolution of cybersecurity incidents, while ensuring timely reporting and documentation in compliance with government standards. Security Testing & Audits: Perform security testing, penetration testing, and vulnerability assessments on software and hardware systems to identify weaknesses before adversaries can exploit them. Collaboration with Cross-Functional … CEH, CISM, CISA, CompTIA Security+, CCSP, CAP, GSEC, CRISC, CSSLP, Cisco CyberOps Associate, or equivalent. Space Systems Knowledge: Experience working with space systems, hardware/software-in-the-loop testing, or similar high-security, mission-critical technologies (preferred). Government Contracting: Previous experience working in government contracting environments, particularly with DoD or the USSF, is highly desired. Incident Management More ❯

You'll be working on interesting large-scale Government and private sector projects. ROLE OBJECTIVE We are seeking a highly skilled Cyber Security Consultant with a strong background in penetration testing and network security. This role is ideal for a cybersecurity professional with experience in identifying, assessing, and mitigating security risks across various platforms. The consultant will play … a critical role in evaluating and strengthening our clients’ cybersecurity postures by conducting in-depth security assessments, vulnerability analysis, and developing comprehensive security strategies. RESPONSIBILITIES Conduct comprehensive penetration tests, vulnerability assessments, and security audits to identify risks and ensure compliance with industry best practices. Provide expert recommendations and solutions to mitigate identified vulnerabilities, enhancing client systems’ security postures. Investigate … to prepare the organization to respond efficiently and effectively to cyber threats. Travel to various client locations when required (potential international travel) and deliver high quality solutions (e.g. OT testing or other IT services). Collaborate with client teams to develop, document, and implement security policies, standards, and guidelines aligned with industry standards (e.g., ISO 27001, NIST). Assist More ❯

role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using Terraform. Their ideal candidate will … Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory … contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security automation. Knowledge of DevOps pipelines More ❯

including evaluating vendor risk, examining vendor contracts, understanding third-party risk, and data privacy issues. This individual serves as an expert on cybersecurity protection, detection, response, and recovery, coordinating penetration testing and managing cybersecurity analysts to detect, mitigate, and analyze threats. Works closely with other teams to develop controls such as firewalls, data leakage prevention, patching, encryption, vulnerability … Review policies and procedures annually for security compliance. Develop, test, and implement disaster recovery procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls More ❯

role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your More ❯

role in protecting our digital infrastructure. You'll lead the implementation and management of SIEM systems, Fortinet security tools, and endpoint detection & response (EDR) while conducting vulnerability assessments and penetration testing to stay ahead of cyber threats. You'll enhance identity and access management (IAM) by maintaining Active Directory, Entra ID, MFA, and Zero Trust security principles. Your More ❯

have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. More ❯

have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. More ❯

and quality Excellent problem-solving techniques and trouble analysis skills Experience in design and publishing Security Standards & Policies Experienced in running global Bug Bounty/VDP programs Experiencedin Pen Testing, from scope, schedule, findings, remediation and risk registration The candidate should have a good knowledge of: Vulnerability Management concepts, controls, and best practices for all Operating systems & asset types More ❯

PENETRATION TESTER: Senior and Expert Levels Location: Chantilly, VA US Security Clearance Requirement: TS/SCI with Full Scope Polygraph Clearance Status: Must be Current JOB DESCRIPTION: Inferno Systems is currently looking for Penetration Tester positions with a minimum of 7+ years experience conducting technical security and/or vulnerability assessments. Please note the security clearance requirement above … candidates MUST have a current/active TS/SCI with Full Scope Poly to be considered. JOB SUMMARY: We are looking for Penetration Testers whose work will directly impact U.S. policymakers, military officials and law enforcement agencies. You should be able to use sophisticated techniques to identify vulnerabilities, exploit them, and gain and maintain access to targets. You … center architecture. • Understanding in cloud computing platform technologies such as AWS, Microsoft Azure, Google, cloud computing environment and cloud security. • Demonstrated real world experience performing gray and black box penetration testing. • Strong familiarity with some of the following: OWASP top 10, DoD and NSA Vulnerability and Penetration Testing Standards. • Understanding of basic IP fundamentals and how protocols More ❯

with industry standards such as ISO27001, Cyber Essentials Plus, PCI/DSS Stay ahead of cyber threats, maintaining and improving security monitoring and risk management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK … Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities, penetration testing, and compliance Experience with network security, encryption, TLS, SSL, and security monitoring tools MUST have the Right to work in the UK i.e. British Citizen, ILR status or Settled status More ❯

Assess secure mobile development and deployment: Secure mobile applications, MDM/MAM platforms Address mobile OS-specific threats (iOS, Android) Interpret and provide remediation or mitigation strategies based on: Penetration testing results and associated PO&AMs Security control assessments Vulnerability and compliance scans Leverage programming language to review static and dynamic code analysis and provide remediation or mitigation … not covered by WAF security policies. Knowledge of encryption algorithms, cryptographic protocols, and key management principles to protect data at rest, in transit, and in use. Proficiency in security testing methodologies, including penetration testing, vulnerability assessment, code review, and security audits. Ability to develop and implement incident response plans and procedures, including detection, analysis, containment, eradication, and More ❯

and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving More ❯

and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security threat modeling and risk assessments. Knowledge of secure development practices, penetration testing, and vulnerability assessments. Ability to communicate security risks and strategies to technical and non-technical stakeholders. Experience in incident response and remediation. Strong analytical and problem-solving More ❯

low (unsecure) networks and deployed on high (secure Government) networks, addressing specific challenges of data transfer, sanitization, and access control between domains. Vulnerability Management: Conduct and oversee vulnerability assessments, penetration testing, and security audits of web applications and supporting systems. Analyze results, prioritize findings, and work with development teams to ensure timely remediation and mitigation strategies. Risk Management … with a focus on web application security. Demonstrated experience with the Risk Management Framework (RMF). Experience with secure software development best practices, including static and dynamic application security testing (SAST/DAST) tools. Proficiency in identifying and mitigating common web application vulnerabilities (e.g., OWASP Top 10). Understanding of cross-domain solutions and secure data transfer mechanisms between More ❯

and data governance best practices seamlessly into the software development life cycle. Evaluate company and vendor technology infrastructure security. Participate in disaster recovery and business continuity planning, reviews, and testing to continuously improve our organizational and operational resilience. As a key member of our Security Incident Response team, apply keen investigative skills and take swift action in resolving security … alerts or breaches, safeguarding our digital borders. Conduct penetration testing and vulnerability scanning on all company networks and applications. Collaborate with engineering stakeholders to prioritize and remediate vulnerabilities based on severity and impact. Research emerging products, technologies, and best practices to improve security posture for the company. Provides recommendations to security leadership for implementation. Key participant in company More ❯

as SIEM, firewalls, antivirus software, and vulnerability management tools Experience with security frameworks and regulations, such as NIST, ISO 27001, PCI-DSS, and GDPR Experience with vulnerability scanning and penetration testing tools such as Nessus, OpenVAS, or Metasploit Knowledge of network security concepts, firewalls, VPNs, IDS/IPS, and encryption technologies Knowledge of operating systems and network protocols More ❯

and perform incident response in line with Department of State standards. Conduct classified spillage containment, forensics, and reporting procedures as required. Vulnerability Assessment and Remediation: Perform vulnerability scans and penetration testing using Nessus, Metasploit, and Wireshark. Document and remediate security findings through POAandMs and system configuration changes. Ensure compliance with security benchmarks and Departmental baselines. DevSecOps and Secure More ❯

and enforce network segmentation, access control, and zero-trust security models. Implement network security best practices, firewall policies, IDS/IPS, and NAC solutions. Conduct regular network vulnerability assessments, penetration testing, and risk mitigation. Ensure compliance with industry standards (NIST, ISO 27001, PCI-DSS, HIPAA, SOC 2, etc.). Collaborate with cybersecurity teams to detect and mitigate network More ❯