Senior Penetration Tester

Summary

Join Tangent Technologies as a Senior Penetration Tester, leading and executing advanced penetration testing, vulnerability assessments, and security evaluations for federal systems. You will serve as a Subject Matter Expert (SME) in penetration testing, playing a crucial role in identifying and mitigating cyber risks across cloud, web, mobile, and enterprise network infrastructures. This position is contingent upon contract award.

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field
• Minimum 10 years of professional IT or cybersecurity experience
• At least 6 years of experience conducting penetration testing and web application security testing
• 5 years of experience performing network/application vulnerability assessments and delivering actionable remediation plans
• 5 years of direct experience working with federal clients to improve security postures
• 1 year of experience conducting CISA Assessment Evaluation and Standardization (AES) independently
• 1 year of experience with DHS CISA AES Pen Testing Standards and Methodologies
• DHS CISA AES Operator Role Certification
• Certification through DHS CISA Assessment Evaluation and Standardization (AES)

Responsibilities

• Plan, scope, and execute penetration tests against various technologies including web applications, mobile platforms, and federal cloud infrastructures
• Conduct comprehensive network/application vulnerability assessments using both automated and manual techniques
• Execute penetration testing engagements following DHS CISA AES Penetration Testing Standards and Methodologies
• Conduct independent AES assessments and provide detailed, executive-level out briefs to Federal leadership
• Collaborate with stakeholders to identify key risks and design actionable programs and countermeasures to address security gaps
• Provide thorough documentation, including technical findings, risk ratings, remediation strategies, and test results
• Lead assessments on an individual basis to raise the security posture across Federal enterprises and support High Value Asset (HVA) protection
• Communicate technical risks and vulnerabilities in an understandable and actionable manner for both technical and non-technical audiences

Preferred Qualifications

• Certified Ethical Hacker (CEH)
• CompTIA PenTest+
• CompTIA Security+
• CompTIA Network+
• OSCP or equivalent cybersecurity credentials