Vulnerability Assessment / Penetration Testing Specialist - Contingent

About The Position

Requirements

• Minimum 3 years of experience performing vulnerability assessments and/or penetration testing
• Demonstrated experience in project management, network design, and testing the security of government systems to identify vulnerabilities
• Working knowledge of common testing methodologies and security testing lifecycle concepts (planning, execution, analysis, and mitigation support)
• Ability to clearly document findings with strong technical writing and evidence-based reporting
• Familiarity with Windows/Linux fundamentals, TCP/IP networking, and common enterprise services (AD, DNS, web apps, APIs, VPNs)
• Web application security testing experience aligned to OWASP testing practices
• Experience working in federal or similarly regulated environments with strict authorization, documentation, and evidence requirements

Nice To Haves

• Bachelor's degree in information systems, Computer Science, Engineering or related field
• Preferred Certifications: GIAC Web Application Penetration Tester (GWAPT) Certified Ethical Hacker (CEH) GIAC Systems and Network Auditor (GSNA) Certified Penetration Tester (CPT) Certified Expert Penetration Tester (CEPT) GIAC Certified Web Application Defender (GWEB) Offensive Security Certified Professional (OSCP) CREST Penetration Testing Certifications

Responsibilities

• Perform vulnerability assessments and penetration testing of government systems and applications in accordance with approved rules of engagement and testing plans
• Execute technical testing activities (e.g., reconnaissance, scanning, enumeration, validation/exploitation where authorized) and document evidence, risk, and impact
• Assess systems and networks to identify deviations from acceptable configurations and security policy, and translate findings into prioritized remediation actions
• Support secure network design reviews by analyzing network architecture, trust boundaries, segmentation, and exposed services to identify risk and attack paths
• Contribute to project delivery by estimating effort, tracking tasks, communicating blockers, and supporting status reporting and deliverable timelines
• Produce high-quality technical write-ups and executive-ready summaries, including reproduction steps, affected assets, severity rationale, and remediation recommendations
• Retest/validate remediation and provide closure evidence for resolved vulnerabilities as required by the engagement and client process
• Maintain careful handling of sensitive information and ensure testing remains ethical, authorized, and auditable

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off
• Family Leave (Maternity, Paternity)
• Short Term & Long-Term Disability
• Training & Development