201 to 225 of 531 Penetration Testing Jobs

Chantilly, VA Full-Time TS/SCI with Poly Onsite Overview Lucayan Technology LLC is seeking a Level 2 Penetration Tester to join our cybersecurity team supporting mission-critical government programs in Chantilly, VA . A Penetration Tester (Pen Tester) is a security professional who reviews and evaluates NRO ISs and recommends changes to the Government that can … improve information confidentiality, integrity, and availability. Pen Testers are also responsible for performing security focused services to improve the security posture of NRO ISs. This role conducts penetration testing, vulnerability analysis, and exploitation to strengthen system security. What You'll Do Perform reconnaissance, vulnerability scanning, and penetration testing. Identify common and complex vulnerabilities. Document and report findings More ❯

reviews of system architectures, applications, cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM/PAM implementations and M365/Azure/Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security … and resilience across the organisation. Collaborate with HR and L&D to embed cyber hygiene into inductions and ongoing learning. Incident Management and Business Continuity Oversee the development and testing of Incident Response, Disaster Recovery, and Business Continuity Plans. Provide senior escalation and leadership during security incidents. Conduct post-incident reviews and ensure lessons learned drive continuous improvement. Continuous More ❯

Operational Technology (OT) Cyber Security Engineer to join their Service and Support team. The role involves designing and securing OT networks across various critical industries, conducting advanced threat analysis, penetration testing, and vulnerability assessments. The engineer will develop and implement cybersecurity solutions, lead risk mitigation efforts, mentor junior team members, and support project management and business development activities. More ❯

2025. The Cybersecurity Engineer responsibilities include, but are not limited to: Design, implement, and maintain cybersecurity measures to protect infrastructure from cyber threats. Perform risk assessments, vulnerability assessments, and penetration testing to identify and mitigate cyber risks. Develop and manage cybersecurity plans, policies, and procedures to ensure compliance with relevant regulations. Provide subject matter expertise to and advise More ❯

Identify and remediate vulnerabilities using industry-standard tools Administer and configure security technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve More ❯

response for security risks and issues raised by SOC teams Manage implementation of logging and SIEM integration for comprehensive monitoring Prioritise and oversee vulnerability remediation across the platform Support penetration testing activities and security audits Collaboration & Leadership: Build strong relationships with central security teams and contribute to communities of practice Manage escalations of security-related issues, risks, and More ❯

complex network issues, including those related to encryption, routing, and access control within the CSfC architecture. • Implement and enforce stringent security policies, perform regular security audits, vulnerability assessments, and penetration testing to identify and mitigate risks within the CSfC environment. • Maintain comprehensive documentation for network configurations, security procedures, and CSfC compliance, ensuring adherence to NSA, DoD, and other More ❯

critical systems. RESPONSIBILITIES & DUTIES: Design, deploy and manage cloud security architectures in AWS, Azure and/or other commercial or private cloud environments. Conduct risk assessments, vulnerability scans, and penetration testing to identify and mitigate security weaknesses. Implement and monitor cloud-native security controls, such as firewall, encryption, IAM policies, and logging/monitoring solutions/Develop and More ❯

with SOC and incident response teams to support real-time cyber defense operations. Identify and analyze malicious activity, trends, and threat actor behavior to inform defensive strategies. Assist in penetration testing and uncovering network vulnerabilities. Recommend and implement best practices for securing information systems and infrastructure. Install and configure cybersecurity software and protective measures including firewalls and encryption. More ❯

security architectures for federal aviation systems or other critical infrastructure environments. Familiarity with cloud service providers (AWS, Azure, GCP) and their FAA-compliant security capabilities. Background in incident response, penetration testing, or red/blue team exercises. SCA/Union/Intern Rate or Range Details Target Salary Range: $104,000 - $166,000. This represents the typical salary More ❯

and a highly collaborative team. In this position, you will: Provide technical security oversight throughout the system development life-cycle to ensure adherence to security requirements. Support vulnerability assessments, penetration testing, and risk analysis to identify and mitigate potential threats. Integrate continuous monitoring and compliance activities into system architectures and operational processes. Collaborate with system architects, developers, and More ❯

complex network issues, including those related to encryption, routing, and access control within the CSfC architecture. • Implement and enforce stringent security policies, perform regular security audits, vulnerability assessments, and penetration testing to identify and mitigate risks within the CSfC environment. • Maintain comprehensive documentation for network configurations, security procedures, and CSfC compliance, ensuring adherence to NSA, DoD, and other More ❯

techniques, and procedures (TTPs) within our environments. Continuously improve security processes, playbooks, and tooling based on real-world lessons 3. Assurance & Vulnerability Management Lead the technical support for our penetration testing programme, including sound scoping, engaging with pentesters, and owning the subsequent vulnerability remediation. Develop and implement a technical framework for the deeper assessment and management of Third More ❯

including malware, phishing, and unauthorized access attempts. Document incidents and produce reports for internal stakeholders and governance teams. Threat Prevention & Risk Management Arrange/conduct regular vulnerability assessments and penetration testing. Implement and manage security tools such as firewalls, antivirus, and endpoint detection systems. Collaborate with third-party providers to maintain and enhance cyber resilience capabilities. Policy & Compliance Develop More ❯

Responsibilities Partner with development, operations, and security teams to integrate security protocols seamlessly into the software development lifecycle. Design, build, and maintain CI/CD pipelines incorporating automated security testing, vulnerability assessments, and compliance checks. Develop and manage infrastructure as code (IaC) configurations, ensuring secure and scalable cloud resources and infrastructure. Conduct security assessments, code reviews, and penetration testing to identify and resolve application, code, and infrastructure vulnerabilities. Monitor system and application logs to detect and address potential security incidents. Implement and oversee identity and access management (IAM) systems to ensure secure authentication and authorization. Provide secure coding guidance to software engineers and assist in remediating security issues. Lead incident response efforts, investigating and mitigating security … code tools, including Terraform, CloudFormation, or Ansible. Strong scripting skills in languages such as Python and Bash for automation and integration. Proficiency with static code analysis, dynamic application security testing (DAST), and vulnerability scanning tools like Fortify and Acunetix. Knowledge: In-depth understanding of security frameworks (e.g., OWASP, NIST) and best practices for mitigating vulnerabilities. Familiarity with common threat More ❯

and Cobalt Strike) Ability to operate in a critical fashion in dynamic environments Knowledge of FISMA and NIST 800 series standards In-depth knowledge of network mapping, vulnerability scanning, penetration testing, and Web Application testing In-depth knowledge of the procedures of Phishing Assessments, Wireless Assessments, Operating System Security Assessments, and Database Assessments Serves as Subject Matter More ❯

expectations. Responsibilities Collaborate with cross-functional teams to integrate robust security measures throughout the software development lifecycle. Design, implement, and manage CI/CD pipelines that include automated security testing, vulnerability scanning, and compliance validation. Develop and maintain infrastructure as code (IaC) configurations to ensure secure, scalable cloud and infrastructure deployments. Conduct comprehensive security assessments, code reviews, and penetration testing to identify and mitigate vulnerabilities. Monitor system and application logs for potential security threats and respond to incidents promptly. Implement and oversee identity and access management (IAM) solutions, maintaining secure authentication and authorization processes. Advise software engineers on secure coding practices and assist in addressing security vulnerabilities. Contribute to incident response activities by investigating and mitigating breaches More ❯

solutions. Collaborate with development, operations, and security teams to integrate security practices into the software development lifecycle. Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks. Develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components. Perform regular … security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure. Monitor and analyze system and application logs to detect and respond to security incidents. Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place. Collaborate with software engineers to provide guidance … CloudFormation, or Ansible. Strong experience in scripting languages (e.g., Python, Bash) for automation and tool integration. Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning, using tools such as Fortify, Acunetix, and Prisma Cloud Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST). More ❯

Desired Skills/Qualifications The successful candidate will have also one or more of the following qualifications: Understand and be well versed in common cyber threat terminology, vulnerability and penetration test principles and methodologies; possess basic knowledge of cyber incident and response forensics and related current events. Familiarity with Log Analysis, Packet Analysis OSI Model, Network Architectures, NIST, DIA … and Information Operations, threat intelligence activities including the collection of and tracking threat actors, digital forensics incident response; and threat hunting methodologies. experience performing attack analysis or Red Team penetration testing against operational computer networks including experience in Windows Security, Network Security, Linux/Unix Security, Database security, or Mainframe Security. Ability to operate and navigate the Windows More ❯

in London, is a global Cybersecurity advisory firm. They are hiring a Senior Pentester in London (hybrid, 2x day a week in London offices). Responsibilities: Lead and deliver penetration tests across various industries, including infrastructure, technology, healthcare, financial services, and retail. Engage directly with clients, building credibility and strong professional relationships. Oversee end-to-end testing, from … remaining undetected by XDR/IDS/IPS/EDR systems. Conduct physical security assessments, including covert access operations. Qualifications & Skills: 5 - 10 years of experience in hands-on penetration testing/red teaming/Offensive Security operations with consulting/client-facing experience. Experience as a CHECK Team Lead. Proficiency in scripting and programming languages such as More ❯

in London, is a global Cybersecurity advisory firm. They are hiring a Senior Pentester in London (hybrid, 2x day a week in London offices). Responsibilities: Lead and deliver penetration tests across various industries, including infrastructure, technology, healthcare, financial services, and retail. Engage directly with clients, building credibility and strong professional relationships. Oversee end-to-end testing, from … remaining undetected by XDR/IDS/IPS/EDR systems. Conduct physical security assessments, including covert access operations. Qualifications & Skills: 5 - 10 years of experience in hands-on penetration testing/red teaming/Offensive Security operations with consulting/client-facing experience. Experience as a CHECK Team Lead. Proficiency in scripting and programming languages such as More ❯

in London, is a global Cybersecurity advisory firm. They are hiring a Senior Pentester in London (hybrid, 2x day a week in London offices). Responsibilities: Lead and deliver penetration tests across various industries, including infrastructure, technology, healthcare, financial services, and retail. Engage directly with clients, building credibility and strong professional relationships. Oversee end-to-end testing, from … remaining undetected by XDR/IDS/IPS/EDR systems. Conduct physical security assessments, including covert access operations. Qualifications & Skills: 5 - 10 years of experience in hands-on penetration testing/red teaming/Offensive Security operations with consulting/client-facing experience. Experience as a CHECK Team Lead. Proficiency in scripting and programming languages such as More ❯

best practices. Strong analytical and prioritization skills with a pragmatic, risk-based approach to decision-making. Leadership experience Nice to have: If you have come from a development/penetration testing background this would be advantageous for my client. Pen testing experience Certifications (CEH)/OSCP This role is on a hybrid basis with 2 - 3 days More ❯

access reviews, and incident response readiness. Provide insights and triage signals from security tooling (SAST, DAST, dependency scanning, SIEM). Work hands-on to perform internal security assessments or penetration testing. Manage relationships with external pentest providers, auditors, and assessors. Secure Development Lifecycle (SDLC) Partner with engineering teams to embed security in the SDLC and DevSecOps practices. Advise and … security leadership role. Strong understanding of security standards and frameworks (ISO 27001, SOC 2, CIS, NIST, GDPR, EU AI Act). Hands-on technical skills in areas such as penetration testing, application security, or infrastructure hardening. Familiarity with modern software development practices, DevSecOps, and cloud-native architectures (preferably Python eco-system, Kubernetes and Azure/AWS/GCP More ❯

Black-box testing (unauthenticated + authenticated) External web app and REST endpoint testing Risk-ranked vulnerability report Retesting after remediation Log & packet trace submission Destruction attestation of test data U.Sbased testing & data residency The selected contractor will work closely with ADS, AOT, Fast and ProMiles personnel as required during this engagement. External web application penetration testing More ❯