Cyber Penetration Tester SME- Active TS (SCI and CI/Poly Eligible)

Vibrint•Reston, VA

About The Position

Vibrint is a trusted provider of mission-critical systems and analysis that transform our customers' capacity and capability in harvesting and harnessing data. Working alongside many of the most talented professionals in public service, we work tirelessly to create and sustain new solutions and services that meet the stringent demands across a variety of customer missions. Our people know they'll be doing work that matters at the heart of the national security mission, exploring new possibilities at the cutting edge of technology. They know they will be well-rewarded and recognized for their commitment. Our people know they will enjoy plentiful opportunities to grow, thrive, and have fun as a member of the Vibrint family. Join Vibrint, where your career is a priority, and your future is our shared goal. We are seeking a highly skilled and proactive Penetration Testing SME to join our Cybersecurity team. As a Penetration Testing SME, you will play a critical role in protecting our clients' infrastructure and data by identifying, testing, and validating security weaknesses across networks, systems, applications, and cloud environments. You will work closely with security engineers, incident responders, system owners, and other stakeholders to assess risk, recommend remediation strategies, and strengthen overall defensive posture. This role also requires the ability to train, mentor, and upskill analysts and team members in penetration testing methodologies, offensive security techniques, and adversary tradecraft.

Requirements

10+ years of experience in penetration testing, red teaming, or offensive cybersecurity operations
Hands-on experience using industry-standard penetration testing and vulnerability assessment tools (e.g., Burp Suite, Metasploit, Nmap, Nessus, BloodHound, etc.)
Demonstrated experience conducting exploitation, privilege escalation, and lateral movement in authorized environments
Experience training, mentoring, or leading analysts in cybersecurity or offensive security disciplines
Strong understanding of common cyber threats, attack vectors, and adversary tactics (MITRE ATT&CK, etc.)
Bachelor's degree in computer science, Cybersecurity, or related field (or equivalent experience)
Active Top-Secret Clearance (SCI Eligible) preferred

Nice To Haves

Advanced Penetration Testing Expertise: Proven experience leading and conducting complex penetration tests in enterprise or federal environments, including adversary emulation, red team-style assessments, and validation of security controls against advanced threats
Technical Proficiency in Offensive Security Tooling: Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration, exploitation, and reporting
Training and Mentorship Experience: Demonstrated ability to train analysts and junior personnel in penetration testing concepts, offensive tooling, attack lifecycle methodology, and reporting standards
Application and Infrastructure Security Knowledge: Strong understanding of web application security, Active Directory exploitation, privilege escalation, lateral movement, cloud security testing, and common attack vectors affecting modern enterprise environments
Analytical and Collaborative Mindset: Strong ability to analyze complex environments, simulate realistic attack scenarios, and work closely with defenders, engineers, and leadership to improve security controls and reduce organizational risk
Relevant certifications such as OSCP, OSCE, GPEN, GXPN, CISSP, or GIAC preferred

Responsibilities

Conduct advanced penetration testing across enterprise and government environments, including network, web application, wireless, and internal/external assessments
Perform authorized exploitation and post-exploitation activities to validate risk and demonstrate real-world attack impact
Develop and execute penetration testing methodologies, tactics, techniques, and procedures aligned with industry best practices
Analyze security architectures, configurations, and controls to identify gaps and provide actionable remediation recommendations
Produce clear, comprehensive technical reports and executive summaries outlining findings, risk, and mitigation strategies
Collaborate with blue teams, incident responders, system owners, and developers to improve security posture and validate remediation efforts
Stay current on adversary tactics, emerging vulnerabilities, and offensive security trends to continuously enhance testing capabilities
Provide technical leadership and oversight for penetration testing activities across the team
Train, mentor, and develop junior analysts through hands-on instruction, workshops, and knowledge-sharing sessions
Guide team members on offensive tools, methodologies, reporting standards, and operational best practices