capability to evangelise secure coding practices in the development lifecycle. Delivering technical advice to ensure security standards are fully understood and complied with across teams. Developing and integrating security testing plans into the Secure Software Development Lifecycle (S-SDLC). Performing and overseeing security testing while managing remediation plans for identified vulnerabilities. What we're looking for: Experience … in Software Engineering and Application Security. In-depth understanding of application security vulnerabilities, testing techniques, and familiarity with the OWASP framework. Deep expertise in secure web application development and Agile development methodologies. Exceptional communication and influencing skills, capable of collaborating effectively up to senior management levels. Comprehensive knowledge of IT and information security disciplines, with an ability … to promote and deliver security awareness initiatives. Experience in working with the hacker/penetration testing community is desirable. If you are passionate about driving secure-by-design initiatives and want to work in a team that values innovation and collaboration, we'd love to hear from you. Please apply with a copy of your CV or email
improving TTPs for better cyber threat protection. Write final reports and defend all findings, including risk or vulnerability, mitigation strategies, and references. Report vulnerabilities identified during security assessments. Write penetration testing Rules of Engagement (ROE), Test Plans, and Standard Operating Procedures (SOP). Conduct security reviews and technical research, and provide reporting to increase security defense mechanisms. Minimum Qualifications … Electrical Engineering, Information systems, Information Technology, Cybersecurity, or a closely related discipline. Four years of additional demonstrated work experience in Security Control Assessor (SCA) and Defensive Cyber Operations (DCO) Testing will be accepted in lieu of a bachelor's degree. A Master's degree in an applicable discipline may be substituted for three years of demonstrated work experience. Three … federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to .
Operating Procedure (SOP) reviews. • Adjudicate findings from Package Submitting Officer (PSO). • Register and maintain systems in Enterprise Mission Assurance Support Service (eMASS). • Plan and coordinate security control testing during Risk Assessments and Annual Security Reviews. • Report changes in system security posture to the ISSM. • Ensure the execution of Continuous Monitoring related requirements as defined in the System … update the eMASS record as necessary, and escalate to leadership for action, if required. • Correlate findings from non-RMF vulnerability assessments (e.g., Development Test (DT)/Operational Test (OT), penetration testing, Command Cyber Operational Readiness Inspection (CCORI), etc.) to RMF controls for tracking, ensuring a holistic risk assessment. • Participate in change control and configuration management processes. • Maintain vulnerability
cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit for more details. Responsibilities Arcfield's Cyber programs are expanding and currently in need of Penetration Tester (Pen Tester), Level 1 (Junior) professionals to review and evaluate customer Information Systems (IS) and recommend changes to the Government that can improve information confidentiality, integrity, and availability. … established methodologies. Identify, document, and report common vulnerabilities that could be exploited. Perform security-focused services to improve the security posture of customer Information Systems. Execute active and passive penetration testing capabilities on customer IT assets, as per government policy and direction. Document findings in detailed reports for inclusion in Security Assessment Reports (SARs). Support Risk Management … Framework (RMF) Steps 4 and 6 processes. Review and write Information System Accreditation Packages (ISAPs) and Technical Information System Security Requirements (TISSRs). Conduct approved testing and write reports following government-approved templates. Complete ISAP/TISSR reports within 30 calendar days of on-site assessment completion. Maintain and update report templates with government approval. Demonstrate basic scripting abilities
to improve the state of the practice. Responsibilities: Work closely with red-team experts to evaluate IT environments and identify security goals, vulnerabilities, objectives, and requirements. Perform cybersecurity operations testing, and develop improvements to doing so, based on real adversary behavior described in adversary emulation plans. Evaluate the efficacy of existing detection mechanisms, analytics, and mitigations. Identify gaps in … Experience configuring network devices (e.g. routers, switches, etc.). Experience performing network packet inspection, traffic analysis, performance characterization (e.g. Wireshark, TCPdump, etc.). Understanding of network/cyber security, penetration testing, and information security best practices. Understanding of Linux network security tools (e.g. Metasploit, netcat, nmap, etc.). Experience building virtual infrastructure (e.g. vSphere). Experience using scripting
Terraform, Ansible, Infrastructure as Code (IaC), DevOps, Kubernetes, Docker, Pen Testing, Splunk, Nutanix, Linux, Windows. Due to federal contract requirements, United States citizenship and an active TS/SCI security clearance and polygraph are required for the position. Required: Must be a US Citizen. Must have TS/SCI clearance w/active polygraph. At least eight (08) years … customer requirements. These Qualifications Would be Nice to Have: Experience operating in an agile development environment and DevOps. Experience with container technologies such as Kubernetes and Docker. Knowledge of penetration testing or red team operations. Experience utilizing and development with Splunk. Experience with Nutanix. Defensive Cyber Security Operations. $175,000 - $200,000 a year The pay range for
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
Michael Page (UK)
and management process. Conduct vulnerability assessments, ensure the remediation and recommend improvements to mitigate risks. Develop security playbooks. Work with engineering team to implement security tools and controls. Scope penetration testing and review related reports from external service providers. Collaborate with the technology department to integrate security protocols into system designs. Ensure and develop security posture to newly
Birmingham, West Midlands, West Midlands (County), United Kingdom Hybrid / WFH Options
Michael Page
and management process. Conduct vulnerability assessments, ensure the remediation and recommend improvements to mitigate risks. Develop security playbooks. Work with engineering team to implement security tools and controls. Scope penetration testing and review related reports from external service providers. Collaborate with the technology department to integrate security protocols into system designs. Ensure and develop security posture to newly
IT, Computer Engineering, Network Engineering, Computer Science, or Computer Forensics. Demonstrated XX years experience in three or more specific areas to include: analysis, network engineering, networking security, technical collection, penetration testing, red teaming, hardware engineering, software reverse engineering, and computer exploitation. Proven proficiency with at least three (3) or more of the following: mobile security, telecom protocols, operating
new DoD, USSF, DIA, and DISA cybersecurity directives. Support Vulnerability Management System (VMS) processes by documenting, tracking, and closing compliance findings. Contribute to Security Test & Evaluation (ST&E) efforts, penetration testing, and validation of cybersecurity controls. Revalidate cyber and IA controls for accredited systems and recommend improvements to strengthen mission assurance. Assess policy changes from higher headquarters and
. Demonstrable experience leading cloud migration and hybrid architecture projects. Excellent communication skills, able to engage both technical and non-technical stakeholders. Desirable Skills: Experience with Azure Site Recovery, penetration testing, or vulnerability scanning. Exposure to DevOps principles and automation. Qualifications: Microsoft Certified: Azure Administrator Associate (AZ-104); Microsoft Certified: Azure Solutions Architect Expert (AZ-305). Set2Recruit are
swindon, wiltshire, south west england, united kingdom
Set2Recruit
. Demonstrable experience leading cloud migration and hybrid architecture projects. Excellent communication skills, able to engage both technical and non-technical stakeholders. Desirable Skills: Experience with Azure Site Recovery, penetration testing, or vulnerability scanning. Exposure to DevOps principles and automation. Qualifications: Microsoft Certified: Azure Administrator Associate (AZ-104); Microsoft Certified: Azure Solutions Architect Expert (AZ-305). Set2Recruit are
As a Vulnerability Management Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Reviewing the Results of Risk & Impact Assessment, Scheduling & Planning for Specialist Third-Party Vulnerability & Penetration Testing, along with Reporting. Key Responsibilities of Vulnerability Management Analyst role would include: Conducting Vulnerability Scanning with leading Tools. Scheduling of Scanning across Business, ensuring Reporting Requirements are
City of London, London, United Kingdom Hybrid / WFH Options
Sanderson Recruitment
AWS security controls, policies, and automation - Role-based and attribute-based access controls - Cryptographic protocols and secure key lifecycle management - Securing microservices, APIs, and DevSecOps best practices. Skilled in penetration testing and hands-on coding with JavaScript, Java, or Python. Strong understanding of vulnerability scanning, remediation, and vendor management. Collaborative mindset with the ability to partner across engineering
AWS security controls, policies, and automation - Role-based and attribute-based access controls - Cryptographic protocols and secure key lifecycle management - Securing microservices, APIs, and DevSecOps best practices. Skilled in penetration testing and hands-on coding with JavaScript, Java, or Python. Strong understanding of vulnerability scanning, remediation, and vendor management. Collaborative mindset with the ability to partner across engineering
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum, Negotiable, Inc benefits
experience with security frameworks (NIST, ISO 27001) and a proven track record of securing large-scale, high-availability systems. You are adept at threat modelling, security architecture review, and penetration testing concepts. Prior experience in the O&G (Oil & Gas) sector, government projects, or other critical infrastructure is a significant advantage. You are entrepreneurial, thrive in a start
operations, and advanced threat detection. Key Responsibilities: Develop, assess, and maintain cybersecurity controls across cloud systems. Ensure RMF, STIG, NIST SP 800-53, and FISMA compliance. Manage vulnerability scans, penetration testing, and incident response. Advise on integration of AI/ML-based cyber defense tools. Support ATO processes and continuous monitoring. Requirements Qualifications: Bachelor's in Computer Science
topics is equivalent to an Associate degree. Experience: Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering. Additionally, must have experience in network or system administration. If not credited toward education requirements, completion of military
a related field and a certified cybersecurity professional (CISSP) are required as well as a minimum of 8+ years: Experience: Knowledge of information security or related fields, computer network penetration testing, and techniques. Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts. Security & Access Management: OKTA, Enterprise IDM, Enterprise Portal, OAuth 2.0, OIDC, SAML 2.0 (for SSO), SMTP
Do: Conduct sophisticated exploitation activities against complex targets, leveraging zero-day vulnerabilities, reverse engineering, and custom payload development. Support and execute offensive cyber operations, including but not limited to, penetration testing, red teaming, and advanced cyber threat emulation. Exploit common vulnerabilities and misconfigurations associated with common operating systems (Windows, Linux, etc.), protocols (HTTP, FTP, etc.), and network security
Staffordshire, West Midlands, United Kingdom Hybrid / WFH Options
Russell Taylor Group Ltd
You'll conduct comprehensive attack path analysis and threat modelling, mapping adversary tactics and techniques to industrial environments and developing tailored mitigation strategies. You'll lead and execute advanced penetration testing, red teaming, and adversary simulation exercises within OT/ICS environments, leveraging frameworks such as MITRE ATT&CK for ICS and modelling using Bow-Tie Analysis to
experience with network exploitation. Nice If You Have: Experience with dataflow and signals intelligence architecture. Experience with programming languages for scripting and automation, including Python or C++. Experience with penetration testing tools. Knowledge of encryption, ports, protocols, and common network configurations. Network+, Security+, CEH, CCNA, or SANS Certification. Clearance: Applicants selected will be subject to a security investigation
topology, protocols, and components; network security architecture, including the application of Defense-In-Depth principles; network traffic analysis methods; OSI model and underlying networking protocols (e.g. TCP/IP); penetration testing tools and techniques (e.g. metasploit, neosploit, etc.); programming language structures and logic; relevant laws, legal authorities, restrictions, and regulations pertaining to CND activities; system administration concepts for