Cyber Penetration Tester

ASRC FederalWashington, DC
$117,373 - $199,496Hybrid

About The Position

ASRC Federal is seeking an experienced Cyber Penetration Tester to lead advanced security assessments and contribute to the development and execution of penetration testing strategies. This role combines hands-on testing with leadership, mentoring, and collaboration across cybersecurity disciplines. The work location is hybrid in DC, requiring 3 days per week onsite.

Requirements

  • Bachelor's degree in a related field.
  • 5+ years of relevant experience in cybersecurity and penetration testing (or equivalent combination of education and experience).
  • Active DOE Q-Clearance or Top Secret (TS) equivalent required.
  • Strong proficiency in vulnerability analysis, risk remediation, and reporting.
  • Ability to clearly replicate vulnerabilities and provide actionable mitigation steps.
  • Familiarity with tools including: Linux, Tenable Nessus, Forescout, Carbon Black, Invicti, Scythe, Rubrik, Fidelis
  • Excellent written and verbal communication skills; ability to present technical findings to executive audiences.

Nice To Haves

  • OSCP (Offensive Security Certified Professional)
  • OSCE (Offensive Security Certified Expert)
  • CEH (Certified Ethical Hacker)
  • CISSP (Certified Information Systems Security Professional)

Responsibilities

  • Lead and perform advanced security assessments, including hands-on penetration testing of systems and applications.
  • Identify vulnerabilities, assess risks, and deliver clear, actionable remediation recommendations.
  • Develop and maintain assessment plans aligned with NIST SP 800-53 and FedRAMP Cloud Security Controls.
  • Execute security assessments per defined plans and document findings accurately and promptly.
  • Design, develop, and maintain tools/scripts to automate and enhance penetration testing activities.
  • Manage and mentor a small team of junior penetration testers; provide technical guidance and training.
  • Build and lead a Purple Team to perform joint red/blue team exercises with customer sites.
  • Support secure systems operations and maintenance, including security validation and accreditation activities.
  • Analyze and mitigate system security threats throughout the lifecycle, including risk assessments and implementation of security engineering controls.
  • Ensure compliance with business continuity, operations security, insider threat detection, physical security analysis, and regulatory requirements.
  • Communicate technical findings effectively to technical teams and executive stakeholders.

Benefits

  • health care
  • dental
  • vision
  • life insurance
  • 401(k)
  • education assistance
  • paid time off
  • holidays
  • any other paid leave required by law
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service