About The Position

We are an employee-centric company that truly values our team members and the contributions they make to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and on building teams that are, and continue to be, technically proficient across a broad range of cyber mission areas. OneZero full-time employees receive a highly competitive benefits package, including health, dental, vision, and life insurance, a 401(k) with company matching, paid time off and holidays, an employee referral program, and educational assistance. Additional details are available on our website: https://www.onezerollc.com/careers/ Position Title: Senior Penetration Testing, Software Assurance & Vulnerability Assessment Engineer Location : On-site in a SCIF in the National Capital Region (NCR) – Nebraska Avenue Complex, Washington, DC (work locations transitioning to ICCB Bethesda / St. Elizabeths). Telework is not authorized; a designated Key Person must be available on-site during core hours Clearance: TS/SCI Job Summary: Performs advanced penetration testing, vulnerability assessments, and software assurance activities to identify and mitigate security weaknesses across DHS systems.

Requirements

  • Bachelor's degree in Cybersecurity, Computer Science, or related field or equivalent years of experience
  • CEH, OSCP, GPEN, CISSP, or equivalent experience
  • 15+ years of total cybersecurity experience, with demonstrated SME-level depth across the following disciplines:
  • 5+ years conducting penetration testing across multiple domains (network, application, red team, physical, and/or wireless)
  • 5+ years in software assurance, including secure code review, threat modeling, SAST/DAST tooling, and vulnerability analysis across multiple languages and platforms
  • 4+ years in enterprise patch management and vulnerability remediation, including prioritization frameworks (CVSS, EPSS), SLA enforcement, and remediation validation
  • 4+ years architecting, assessing, and securing cloud environments (AWS, Azure, GCP) and/or Cross Domain Solutions (CDS), including cloud-native attack surface analysis
  • Significant experience supporting DHS, Intelligence Community (IC), or other federal agency programs, with deep familiarity with RMF, ICD 503, NIST 800-53/800-115, and related compliance frameworks
  • Experience briefing findings and recommendations to senior leadership, program managers, and authorizing officials

Responsibilities

  • Conduct advanced penetration testing and vulnerability assessments across networks, applications, AI systems, cloud environments, and DevSecOps pipelines
  • Employ both automated tooling and sophisticated manual techniques to identify, validate, exploit, and analyze security weaknesses across complex, multi-domain environments
  • Perform red team operations and adversary emulation exercises aligned to MITRE ATT&CK TTPs, simulating realistic threat actor behavior against classified and unclassified systems
  • Conduct secure code reviews, static and dynamic application security testing (SAST/DAST), and software assurance activities across multiple languages and platforms
  • Assess Cross Domain Solutions (CDS), cloud-native architectures, and hybrid environments for misconfigurations, privilege escalation paths, and lateral movement opportunities
  • Analyze and correlate findings across assessments to identify systemic vulnerabilities and patterns, not just individual weaknesses
  • Lead and direct penetration test programs across multiple concurrent systems, coordinating scope, scheduling, and resource allocation
  • Develop, maintain, and continuously improve penetration testing methodologies, playbooks, and Standard Operating Procedures (SOPs)
  • Serve as a subject matter expert and technical authority on offensive security techniques, vulnerability research, and exploit development

Benefits

  • health insurance
  • dental insurance
  • vision insurance
  • life insurance
  • 401(k) with company matching
  • paid time off
  • holidays
  • employee referral program
  • educational assistance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service