Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Penetration Tester

ANALYGENCE Inc

Description

Tharros is seeking a Senior Penetration Testing, Software Assurance and Vulnerability Assessment Engineer to support a DHS Intelligence and Analysis cybersecurity program in the National Capital Region.


This role will support advanced penetration testing, software assurance, vulnerability assessment, cyber supply chain risk management, secure cloud and hybrid engineering, and cross-domain security assessment activities. The ideal candidate is a senior technical assessor who can go beyond automated scanning to identify systemic weaknesses, validate exploitability, assess operational impact, and provide clear remediation recommendations for complex mission environments.


Responsibilities:

  • Conduct penetration testing, vulnerability assessments, software assurance, and cyber supply chain risk management activities for Federal mission systems.
  • Perform full-scope security testing using established methodologies such as MITRE ATT&CK, OWASP, NIST 800-115, and related Federal or IC assessment practices.
  • Support pre-engagement planning, rules of engagement, intelligence gathering, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting.
  • Use approved automated and manual testing methods to identify vulnerabilities, validate exploitability, and assess potential business and operational impacts.
  • Identify vulnerabilities commonly missed by automated tools through manual, expert-driven testing techniques.
  • Assess SOC detection and response capabilities through controlled testing activities.
  • Produce penetration testing reports, vulnerability assessment reports, software assurance recommendations, and corrective action guidance.
  • Support software assurance through vulnerability and compliance testing, source code review, static/dynamic analysis, dependency review, and software supply chain risk identification.
  • Conduct vulnerability assessments and interpret results to recommend corrective actions and mitigation strategies.
  • Support secure cloud, hybrid, DevSecOps, application, identity, API, microservices, CI/CD, Zero Trust, and cross-domain assessment activities.
  • Maintain secure testing kits and assessment tooling, including patching, configuration updates, and approved tool management.
  • Update and maintain penetration testing, SCRM, and vulnerability assessment procedures.
  • Support audits, working groups, and stakeholder briefings related to penetration testing, software assurance, vulnerability assessment, and cyber supply chain risk.
  • Identify opportunities to improve testing processes, automate assessment workflows, strengthen reporting, and produce useful metrics for leadership and technical stakeholders.
  • Translate assessment findings into actionable remediation plans, risk insights, POA&M inputs, dashboards, and decision-ready reporting.
Requirements
  • Active TS/SCI w Poly
  • 10+ years of related cybersecurity assessment, penetration testing, software assurance, vulnerability assessment, or cyber supply chain risk experience.
  • 2+ years of recent experience in each of the following areas: software assurance, penetration testing with automated tools, vulnerability assessment, security patch management, secure cloud and hybrid engineering, and
  • Cross Domain Solutions.
  • CEH and CISSP certifications, or comparable demonstrable experience.
  • Experience conducting penetration testing, vulnerability assessments, software assurance, source code review, SCRM, and cyber supply chain management activities.
  • Experience using both automated tools and manual testing processes to identify, validate, and document vulnerabilities.
  • Experience producing technical reports, corrective action recommendations, mitigation strategies, and executive-ready summaries.
  • Strong understanding of vulnerability management, exploitability, secure configuration, remediation validation, and operational risk.
  • Strong written and verbal communication skills.
  • Ability to work onsite at a government-approved location as required.
Preferred Qualifications:
  • Prior DHS, Intelligence Community, DoD, CISA, classified red team, software assurance, SCRM, CVPA, vulnerability research, or national security cyber assessment experience.
  • Experience with MITRE ATT&CK, OWASP, NIST 800-115, IC "Raise the Bar," NIST SP 800-161, CNSSI 1253, DHS 4300C, or related Federal/IC cybersecurity frameworks.
  • Experience testing cloud, application, identity, API, microservices, CI/CD, DevSecOps, Zero Trust, cross-domain, and hybrid TS/SCI environments.
  • Experience with SBOM analysis, static/dynamic code analysis, dependency review, source code review, exploit validation, secure configuration, and remediation validation.
  • Experience with GRC platforms such as Archer, eMASS, or Xacta, including the ability to translate findings into POA&Ms, dashboards, scorecards, and remediation workflows.
Vacancy posted 11 hours ago
Similar jobs that could be interesting for youBased on the Senior Penetration Tester in Washington DC vacancy
  • $95.86k - $208.27k

     ...inspiration and expand your capabilities, then consider a career in Advisory. KPMG is currently seeking a Senior Specialist, MAST Application Penetration Tester to join our Managed Services practice. Responsibilities: Conduct manual application penetration... 
    Senior
    Full time
    H1b
    Local area

    KPMG

    Washington DC
    19 days ago
  •  ...primary responsibility will be to plan, execute, and report on penetration tests targeting high-impact applications, platforms, and...  ...peer reviews of penetration test reports and mentoring junior testers. ~ Continuous learner who keeps up with the latest offensive... 
    Senior

    Chase

    Washington DC
    2 days ago
  • $115k - $203k

     ...Senior Penetration Tester Job Description Overview CoStar Group is a leading global provider of commercial and residential real estate information, analytics, and online marketplaces. Included in the S&P 500 Index, CoStar Group is on a mission to digitize the... 
    Senior
    Hourly pay
    Full time
    Work at office
    Work from home
    Monday to Thursday

    CoStar Group

    Arlington, VA
    1 day ago
  • $160k - $205k

    Koitecc Solutions is seeking a Manual Ethical Hacker to lead assessments on the security of bank's applications and technologies. The role requires a minimum of 5 years of pentesting experience and the ability to perform deep analysis of vulnerabilities. With a competitive...
    Senior

    Koitecc Solutions

    Washington DC
    5 days ago
  • $40 per hour

    A technology firm is looking for experienced cybersecurity professionals to join their remote team. In this role, you will evaluate AI-generated security content and solve technical problems to train AI models. Seeking candidates with 2+ years of hands-on experience in ...
    Senior
    Remote job
    Hourly pay
    Flexible hours

    DataAnnotation

    Washington DC
    1 day ago
  •  ...functional teams on security strategy and risk management. As part of the team, your primary responsibility will be performing hands on penetration testing of some of JPMC’s most critical applications, platforms, and third-party assets. You will work with application... 
    Senior
    Worldwide

    JPMorgan Chase & Co.

    Washington DC
    2 days ago
  • $160k - $205k

     ...of the bank's applications to malicious hacking activity. This senior technical role is responsible for performing and leading...  ...use scripting/coding techniques, proficiently execute common penetration testing tools, triage, and support incidents, and produce high... 
    Senior
    Shift work
    Day shift

    Koitecc Solutions

    Washington DC
    4 days ago
  • A leading cybersecurity consultancy is seeking a Cybersecurity Vulnerability Analyst based in Arlington, VA. The role requires an active Top Secret Security Clearance and 5+ years of experience, focusing on vulnerability analysis for federal clients. Candidates must exhibit...
    Senior

    Node.Digital

    Arlington, VA
    5 days ago
  • $107.9k - $195.05k

    A leading technology firm seeks an experienced Vulnerability Assessor in Arlington, VA. The role involves assessing and managing vulnerabilities, configuring security scans, and collaborating with teams to enhance cybersecurity capabilities. The ideal candidate should have...
    Senior

    Leidos

    Arlington, VA
    5 days ago
  • $140.5k - $210.5k

    The Federal Reserve System is hiring a Sr. Cybersecurity Analyst II in Washington, DC, to oversee the implementation of cybersecurity tools and lead analytical assessments. The role demands a Bachelor's degree in a related field and 6-8 years of experience in cybersecurity...
    Senior

    Federal Reserve System

    Washington DC
    4 days ago
  •  ...Job Description Job Description Job Title: Senior Penetration Tester Pay Type : SALARIED EXEMPT Location : Hybrid, Washington, DC US Citizenship : Required Summary of Position Role/Responsibilities Quzara LLC, a SBA Certified WOSB, EDWOSB, and 8... 
    Senior
    Full time
    Work experience placement
    Remote work
    Monday to Friday
    Shift work
    Night shift

    Quzara LLC

    Washington DC
    21 days ago
  •  ...for Top Secret due to classified threat intelligence. Citizenship: US Citizen (MUST) Key Responsibilities : Lead SBA’s penetration, offensive, and adversarial testing services, including gray/black box testing, red teaming, API testing, and DevSecOps code... 
    Senior
    Local area
    Remote work

    eTelligent Group LLC

    Washington DC
    more than 2 months ago
  •  ...Application Penetration Tester We are seeking a highly skilled and experienced Application Penetration Tester to join our dynamic team. This role is ideal for someone with a passion for cybersecurity, a deep understanding of application security, and the ability to... 

    OnDefend

    Washington DC
    1 day ago
  • $70 - $85 per hour

    A trusted staffing and consulting firm seeks an Intrusion Analyst to support federal law enforcement with advanced digital forensic investigations. The role involves detailed forensic analysis, evidence preservation, and expert testimony. Candidates should have a minimum...
    Senior
    Remote job
    Hourly pay

    Seneca

    Washington DC
    4 days ago
  •  ...MANTECH to connect them with exceptional professionals for this role. MANTECH seeks a motivated, career and customer-oriented Senior Information Systems Security Officer (ISSO) to join our team in Washington, D.C . This is an on-site position.  The Senior... 
    Senior
    Work at office
    Remote work

    MANTECH

    Washington DC
    9 days ago
  • $127.94k - $186.6k

    hackajob is collaborating with Excella to connect them with exceptional professionals for this role. Lead Information Systems Security Officer (ISSO) Arlington, Virginia, United States, Hybrid Excella is a transformative technology firm that helps organizations...
    Senior
    Work from home
    Home office
    Flexible hours

    Excella

    Arlington, VA
    13 days ago
  •  ...cybersecurity, a strong analytical background, and the ability to work collaboratively across locations. Required skills include network security knowledge and hands-on experience as a SOC Analyst or Penetration Tester. #J-18808-Ljbffr kozmetickesluzby.vecnakraska.sk - Jobboard
    Senior

    kozmetickesluzby.vecnakraska.sk - Jobboard

    Arlington, VA
    3 days ago
  • Overview Vexterra Group is searching for a Digital Forensic Analyst to provide support across forensic examinations, technical exploitation, and related activities for diverse customer assets and stakeholders. Responsibilities Conduct forensic examination of High Priority...
    Senior
    Temporary work
    Work experience placement

    Vexterra Group

    Bethesda, MD
    1 day ago
  • Raytheon Technologies is seeking a Cyber Network Forensic Analyst III to contribute to advanced cybersecurity operations. This role involves monitoring network activity to identify and analyze cyber threats, ensuring the protection of information systems. As part of a specialized...
    Senior
    Remote job

    Raytheon Technologies

    Arlington, VA
    2 days ago
  • A cybersecurity and intelligence firm in Arlington, VA, is seeking a qualified candidate to support computer network defense operations. The role involves coordinating incident response investigations and analyzing network traffic for security issues. Candidates must have...
    Senior

    Nightwing

    Arlington, VA
    4 days ago
  •  ...clearance before being able to start. The ability to obtain a final Top‑Secret security clearance. Peraton is currently seeking a Senior Digital Forensic Analyst for its Federal Strategic Cyber programs. Position Description: The Senior Digital Forensic Analyst will:... 
    Senior
    Full time
    For contractors
    Interim role
    Local area

    Peraton

    Arlington, VA
    3 days ago
  •  ...MANTECH seeks a motivated, career and customer-oriented  Senior Systems Analyst to join our team in  Arlington, VA . The position is onsite . Responsibilities include but are not limited to: ~ Providing Tier II IT Systems support on a wide range of technologies... 
    Senior
    Full time
    Work at office

    MANTECH

    Arlington, VA
    5 days ago
  •  ...Harris Technologies currently has an opening for a User Acceptance Tester with expertise in Test and Integration for an important National...  ...and verbal communication skills, with experience updating senior leadership. Able to work independently with minimum supervision.... 
    Senior
    For contractors
    Local area

    L3Harris Technologies

    Arlington, VA
    3 days ago
  • Vexterra Group is looking for a Digital Forensic Analyst to conduct comprehensive forensic examinations, support technical exploitation and generate professional reports for diverse stakeholders. The ideal candidate will have extensive experience and must possess active...
    Senior

    Vexterra Group

    Bethesda, MD
    2 days ago
  • $68k - $73k

     ...years of experience in the information technology field. Knowledge of and experience with Nessus. Knowledge of OWASP Top 10. Some penetration testing experience required. Prefer knowledge of and experience with the following tools: Acunetix Appdetective DbVisualizer... 
    Flexible hours

    Gunnison, CO

    Washington DC
    3 days ago
  • $101k - $152k

    Applied Information Sciences, Inc in Alexandria, Virginia is seeking a Senior Security Engineer to conduct comprehensive digital forensic examinations across various systems. This role includes responsibility for incident management, malware analysis, and deep investigations... 
    Senior
    Contract work

    Applied Information Sciences, Inc

    Alexandria, VA
    3 days ago
  •  ...Certifications: Holds or is working toward penetration testing and offensive security...  ...Description PingWind is seeking a Penetration Tester responsible for supporting authorized penetration...  ...with Government stakeholders and senior cybersecurity personnel. Conducts... 
    Temporary work
    Flexible hours

    Medium

    Alexandria, VA
    4 days ago
  • $120k - $136k

    SkyePoint Decisions is hiring a Senior Digital Forensics Analyst in Arlington, VA. The role supports the Diplomatic Security Cyber Mission and requires in-depth forensic expertise across various systems. Responsibilities include analyzing digital evidence and providing... 
    Senior

    Skyepointdecisionsinc

    Arlington, VA
    1 day ago
  •  ...Senior Information Systems Security Officer (ISSO) Location: Annapolis, MD / Reston, VA / Washington, DC Work Model: 100% Onsite (SCIF Environment) Work Type: Full-Time Experience Required: 13+ Years The Senior ISSO will support mission-critical cybersecurity initiatives... 
    Senior
    Full time

    Veracity

    Washington DC
    2 days ago
  • $95k - $112k

     ...upon customer approval. SkyePoint Decisions is seeking a Penetration Tester to support the Diplomatic Security Cyber Mission (DSCM)...  ...Demonstrated ability to lead a penetration test and guide Senior/Junior Penetration Testers. U.S. citizenship required.... 
    Contract work
    Remote work

    SkyePoint Decisions

    Arlington, VA
    5 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Penetration Tester. Be the first to apply!