Cybersecurity Pen Tester Engineer - Journeyman

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 631-Information Systems Security Developer — Basic proficiency; must hold ONE OR MORE of the following: CC, CND, GISF, SSCP
• 3+ years of experience in cybersecurity
• Experience conducting penetration testing or adversarial assessments of networks, systems, applications, or enclaves.
• Ability to document technical findings with clear supporting evidence and produce written assessment reports suitable for remediation and compliance tracking.
• Experience supporting remediation validation and retesting activities following vulnerability identification.
• Familiarity with Risk Management Framework (RMF) and continuous monitoring processes in a DoD or federal cybersecurity environment.
• Ability to support cybersecurity operations across classified and unclassified environments.
• Experience coordinating technical assessment results with cybersecurity engineers, analysts, or system owners to support vulnerability mitigation.

Responsibilities

• Conduct penetration testing and adversarial assessments of ARNG networks, systems, applications, and enclaves to identify exploitable vulnerabilities and security weaknesses.
• Execute approved testing methodologies under senior oversight and collect technical evidence to support accurate, reproducible findings.
• Document assessment results in detailed technical reports that support RMF packages, continuous monitoring activities, and remediation tracking.
• Validate corrective actions through remediation testing and retesting to confirm identified vulnerabilities have been properly addressed.
• Support Task 3 Cybersecurity Operations Support objectives by contributing to proactive defense of classified and unclassified ARNG network environments within the DoDIN-Army-NG area of responsibility.
• Coordinate assessment activities and technical findings with cybersecurity operations stakeholders supporting DCO-IDM missions and broader cyber engineering, compliance, and vulnerability management efforts.
• Perform testing in environments that support ARNG enterprise operations for more than 120,000 users and approximately 141,000 endpoints across 2,800 sites in 54 states and territories.
• Contribute technical findings and supporting artifacts used by teams coordinating with the NETCOM Global Cyber Center and DISA DCDC for enterprise cybersecurity operations and response.
• Assess systems and enclaves supporting ARNG mission requirements, including classified SIPRNet operations and unclassified enterprise services, to help maintain operational readiness and reduce cyber risk.