Phia is hiring a
Penetration Tester

Summary

The job is for a Penetration Tester (Red Team Operator) at phia, LLC. The role involves conducting advanced security assessments across various sectors, with a focus on red team operations and threat intelligence integration. The candidate should have relevant experience, a Bachelor’s degree in Cybersecurity, Computer Science, or a related field, and necessary certifications.

Requirements

• A minimum of 3 years of experience in offensive security or red teaming
• Bachelor’s degree in Cybersecurity, Computer Science, or a related field
• Expertise in vulnerability assessments, focusing on advanced application security and cloud environments
• Proficient in ethical hacking techniques, code reviews, and security auditing
• Expert-level knowledge of key security tools and scripting languages (e.g., Kali Linux, Metasploit, Cobalt Strike, PowerShell, Python)
• Experience working with cloud platforms (AWS, Azure, GCP) and containerization technologies
• Familiarity with the MITRE ATT&CK framework for structuring red team engagements
• Strong understanding of government and industry compliance frameworks (e.g., NIST, FISMA, HIPAA)
• Proven ability to manage red team engagements and ensure projects are completed on time with minimal oversight
• Strong communication skills to present technical findings to both technical and non-technical audiences
• Experience in military, Intelligence Community, or Law Enforcement is highly valued
• Must be able to obtain and maintain necessary security clearances
• U.S. Citizenship required
• Top Secret clearance required with SCI eligibility
• DHS Suitability (EOD) required before start
• OSCP, OSCE, GPEN, GXPN, or equivalent required
• Additional certifications such as CRTO, CREST, or cloud security certifications (e.g., AWS Certified Security) are desirable

Responsibilities

• Perform independent vulnerability and penetration testing assessments
• Identify and analyze critical security vulnerabilities
• Assess system and network configurations
• Execute red team operations simulating real-world adversary tactics, techniques, and procedures (TTPs)
• Collaborate with senior leadership to align red team engagements with broader security strategies
• Integrate threat intelligence into red team activities
• Work closely with blue teams and incident response teams
• Prepare detailed reports outlining vulnerabilities and providing actionable, risk-based recommendations for remediation
• Develop, customize, and maintain tools to enhance red team capabilities
• Stay updated on emerging attack vectors, vulnerabilities, and security technologies

Benefits

• Comprehensive medical insurance to include dental and vision
• Short Term & Long-Term Disability
• 401k Retirement Savings Plan with Company Match
• Tuition and Professional Development Assistance
• Flex Spending Accounts (FSA)