ISSE/Penetration Tester, Senior

About The Position

Requirements

• At least 10 years of relevant experience performing both ISSE and penetration testing functions.
• Extensive hands-on experience with penetration testing and vulnerability assessment tools, such as Nessus, Nmap, and Wireshark.
• Demonstrated knowledge of security architecture principles, including defense-in-depth, access control, authentication, authorization, PKI, and encryption.
• Experience applying the Risk Management Framework (RMF).
• Experience developing, assessing, and implementing IT security policies and secure system configurations.
• Experience performing risk assessments, security audits, and vulnerability remediation.
• Strong ability to manage multiple tasks and systems simultaneously in complex environments.
• Excellent written and verbal communication skills, with the ability to clearly articulate technical findings and trade-offs.
• Ability to work both independently and collaboratively in a fast-paced environment.
• Must be a U.S. Citizen.
• Must possess an active TS/SCI Security Clearance with a Polygraph.

Nice To Haves

• Bachelor’s or Master’s degree in Computer Science, Information Security, Information Assurance, or a related field (or equivalent experience).
• DoD 8570/8140 compliance (IASAE Level II or III).
• Professional certifications such as: CISSP, ISSEP GPEN, GWAPT, CEH CISM, GWEB
• Experience with scripting or automation languages.

Responsibilities

• Plan, lead, and execute internal and external penetration testing on enterprise systems, networks, and web applications.
• Conduct security verification testing, vulnerability assessments, and risk analyses throughout the system lifecycle.
• Analyze system implementations against applicable security policies, frameworks, and compliance requirements, recommending and implementing improvements.
• Design and assess information security architectures for large-scale, distributed systems.
• Identify, assess, and mitigate security threats and vulnerabilities using industry-standard tools and methodologies.
• Collaborate with systems engineering, test, integration, and development teams to ensure security requirements are built into system designs.
• Serve as a subject matter expert for security architecture, providing guidance to program managers, customer technical representatives, and internal teams.
• Evaluate the impact of new development and system changes on the operational security posture.
• Support risk management, security control assessments, continuous monitoring, and related information assurance activities.
• Contribute to Agile ceremonies, including Program Increment Planning.
• Mentor team members by sharing knowledge of vulnerabilities, attack vectors, and remediation strategies.

Benefits

• Comprehensive medical, dental, and vision plans.
• 401(k) with company match.
• Generous PTO policy including vacation, sick leave, and holidays.
• Opportunities for training, certifications, and career advancement.
• Flexible work schedules and remote work options.
• Employee assistance programs, wellness initiatives, and gym membership discounts.