About The Position

Performs advanced penetration testing, vulnerability assessments, and software assurance activities to identify and mitigate security weaknesses across DHS systems. We are an employee-centric company that truly values our team members and the contributions they make to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and on building teams that are, and continue to be, technically proficient across a broad range of cyber mission areas.

Requirements

  • Bachelor's degree in Cybersecurity, Computer Science, or related field or equivalent years of experience.
  • CEH, OSCP, GPEN, CISSP, or equivalent experience
  • 15+ years of total cybersecurity experience, with demonstrated SME-level depth across the following disciplines:
  • 5+ years conducting penetration testing across multiple domains (network, application, red team, physical, and/or wireless)
  • 5+ years in software assurance, including secure code review, threat modeling, SAST/DAST tooling, and vulnerability analysis across multiple languages and platforms
  • 4+ years in enterprise patch management and vulnerability remediation, including prioritization frameworks (CVSS, EPSS), SLA enforcement, and remediation validation
  • 4+ years architecting, assessing, and securing cloud environments (AWS, Azure, GCP) and/or Cross Domain Solutions (CDS), including cloud-native attack surface analysis
  • Significant experience supporting DHS, Intelligence Community (IC), or other federal agency programs, with deep familiarity with RMF, ICD 503, NIST 800-53/800-115, and related compliance frameworks
  • Experience briefing findings and recommendations to senior leadership, program managers, and authorizing officials

Responsibilities

  • Conduct advanced penetration testing and vulnerability assessments across networks, applications, AI systems, cloud environments, and DevSecOps pipelines
  • Employ both automated tooling and sophisticated manual techniques to identify, validate, exploit, and analyze security weaknesses across complex, multi-domain environments
  • Perform red team operations and adversary emulation exercises aligned to MITRE ATT&CK TTPs, simulating realistic threat actor behavior against classified and unclassified systems
  • Conduct secure code reviews, static and dynamic application security testing (SAST/DAST), and software assurance activities across multiple languages and platforms
  • Assess Cross Domain Solutions (CDS), cloud-native architectures, and hybrid environments for misconfigurations, privilege escalation paths, and lateral movement opportunities
  • Analyze and correlate findings across assessments to identify systemic vulnerabilities and patterns, not just individual weaknesses
  • Lead and direct penetration test programs across multiple concurrent systems, coordinating scope, scheduling, and resource allocation
  • Develop, maintain, and continuously improve penetration testing methodologies, playbooks, and Standard Operating Procedures (SOPs)
  • Serve as a subject matter expert and technical authority on offensive security techniques, vulnerability research, and exploit development

Benefits

  • health, dental, vision, and life insurance
  • a 401(k) with company matching
  • paid time off and holidays
  • an employee referral program
  • educational assistance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service