Phia is hiring a
Penetration Tester

Summary

Join phia as a Penetration Tester (Red Team Operator) to conduct advanced security assessments across federal government, state and local governments, critical infrastructure, and private companies. This is a remote position with engagement-based travel.

Requirements

• A minimum of 3 years of experience in offensive security or red teaming, with proven ability to work independently
• Bachelor’s degree in Cybersecurity, Computer Science, or a related field
• Strong experience conducting red team operations and adversary emulation independently
• Expertise in vulnerability assessments, focusing on advanced application security and cloud environments
• Proficient in ethical hacking techniques, code reviews, and security auditing
• Expert-level knowledge of key security tools and scripting languages (e.g., Kali Linux, Metasploit, Cobalt Strike, PowerShell, Python)
• Experience working with cloud platforms (AWS, Azure, GCP) and containerization technologies
• Familiarity with the MITRE ATT&CK framework for structuring red team engagements
• Strong understanding of government and industry compliance frameworks (e.g., NIST, FISMA, HIPAA)
• Proven ability to manage red team engagements and ensure projects are completed on time with minimal oversight
• Strong communication skills to present technical findings to both technical and non-technical audiences
• Experience in military, Intelligence Community, or Law Enforcement is highly valued
• Must be able to obtain and maintain necessary security clearances

Responsibilities

• Perform independent vulnerability and penetration testing assessments, following established methodologies and rules of engagement
• Identify and analyze critical security vulnerabilities that could be exploited to compromise client systems and information
• Assess system and network configurations to detect deviations from accepted security standards and policies
• Execute red team operations simulating real-world adversary tactics, techniques, and procedures (TTPs), focusing on advanced threats
• Collaborate with senior leadership to align red team engagements with broader security strategies
• Integrate threat intelligence into red team activities to ensure engagements reflect realistic, current attack patterns
• Work closely with blue teams and incident response teams to improve organizational defenses based on red team findings
• Prepare detailed reports outlining vulnerabilities and providing actionable, risk-based recommendations for remediation
• Develop, customize, and maintain tools to enhance red team capabilities
• Stay updated on emerging attack vectors, vulnerabilities, and security technologies to inform assessments

Benefits

• Comprehensive medical insurance to include dental and vision
• Short Term & Long-Term Disability
• 401k Retirement Savings Plan with Company Match
• Tuition and Professional Development Assistance
• Flex Spending Accounts (FSA)