Vulnerability Assessment Analyst and Penetration Tester
SteelToad
Vulnerability Assessment Analyst and Penetration Tester Position Description The Vulnerability Assessment Analyst and Penetration Tester is responsible for the delivery of continuous cyber assessments, solving complex technology problems, building tools, and identifying and influencing response to and mitigation of threats. Perform manual assessment of systems, services, and software; specializing in security issues beyond those identified by static analysis tools. The individual ensures services, applications, and websites are designed and implemented to the highest security standards. Responsible for application and hardware penetration testing, automating repetitive tasks using various scripting languages, mentoring, and leading other engineers to deliver complex penetration tests and vulnerability assessments. The individual will be expected to drive automation, tooling, efficiency, and advance the team’s penetration testing capabilities. Responsible for creating threat mitigation plans. Qualifications Five years of hands‑on penetration testing experience with operating systems, web applications, and network infrastructure. Administrator‑level knowledge of Windows and Linux Server operating systems. Experience with operating system security. Competent with testing frameworks and tools, such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire. Knowledge of the functionality and capabilities of computer network defense technologies, including router Access Control Lists (ACLs), firewalls, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), antivirus/Endpoint Detection and Response (EDR), and web content filtering. Strong written and verbal communication skills, including the ability to explain complex technical topics to non‑technical audiences. Possess one of the following certifications upon onboarding: Offensive Security Certified Professional (OSCP) Offensive Security Web Assessor (OSWA) Obtain one of the following certifications within 9 months of onboarding: GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) Offsec Experienced Penetration Tester (OSEP) Reports To Assigned Program Manager Security Clearance Requirements Secret Travel Requirements Travel is anticipated to be 10% - 15% within the Continental United States and 5% - 10% outside the Continental United States. Benefits & Compensation New employees are eligible to participate in the company’s benefits plan on their day of hire unless noted otherwise. Medical Insurance Long Term & Short-Term Disability, Group Life and AD&D Insurance – 100% Employer Paid Health Savings Account 401(k) Savings Plan – 100% match for the first 3% contributed plus 50% of the next 2% contributed. (no vesting period and eligibility is your date of hire). Paid holidays – Eleven (11) per year Paid Time Off – One hundred‑twenty (120) accrued hours per year Professional Development Program Salary will be determined based on the individual’s education and experience level Overview Lumbee Holdings is a leading provider of IT Support, Cybersecurity and Training and Development to the Department of Defense (DoD) and other government agencies. Equal Employment Opportunity Policy Statement It is the policy of Lumbee Tribe Holdings, Inc. and its subsidiaries (the “Company”) not to discriminate against any employee or applicant for employment because of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees in California) or because he or she is a protected veteran. It is also the policy of the Company to take affirmative action to employ and to advance in employment, all persons regardless of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees in California) or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment. Employees and applicants of the Company will not be subject to harassment on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees of California) or because he or she is a protected veteran. Additionally, retaliation, including intimidation, threats, or coercion, because an employee or applicant has objected to discrimination, engaged or may engage in filing a complaint, assisted in a review, investigation, or hearing or have otherwise sought to obtain their legal rights under any Federal, State, or local EEO law is prohibited. NOTE: These statements are intended to describe the general nature and level of work involved for this job. It is not an exhaustive list of all responsibilities, duties, and skills required of this job. Seniority Level Mid‑Senior level Employment Type Full‑time Job Function Business Development and Sales Industries Computer and Network Security #J-18808-Ljbffr SteelToad
$143.2k - $171.3k
...that moves missions and the government forward! As a Vulnerability Assessment Analyst at AFS, you will play a pivotal role in safeguarding critical... ...) CyberSec First Responder (CFR) GIAC Certified Penetration Tester (GPEN) GIAC Systems and Network Auditor (GSNA)...SuggestedLocal area- ...Technologies, Inc. is seeking a senior security professional with TS/SCI clearance and an active polygraph to lead advanced penetration testing and risk assessment efforts. You will perform web app and physical pentests, apply RMF, and implement secure configurations across...Suggested
$50k - $290k
...A leading consulting firm is seeking a Network Evaluator to assess and improve operational networks in Annapolis Junction, MD. Candidates must evaluate vulnerabilities, recommend countermeasures, and support security solutions. A Bachelor’s degree with relevant experience...Suggested- ...A cybersecurity company is seeking a Cybersecurity Vulnerability Analyst to support a Vulnerability Disclosure Program for the federal government... ...include evaluating vulnerability reports, conducting assessments, and utilizing offensive security tools to analyze systems....Suggested
- ...ATT&CK, CVSS, and NIST frameworks to assess vulnerability severity and risk impact. In-depth understanding... ...Completed multiple Hack-The-Box penetration testing labs and challenges,... ...Perl This Cybersecurity Vulnerability Analyst supports a Vulnerability Disclosure Program...SuggestedFull timeMonday to Friday
- A cybersecurity firm located in Annapolis, Maryland, seeks a Vulnerability Assessment Analyst and Penetration Tester to enhance security measures through continuous assessments and penetration testing. The ideal candidate will possess five years of hands-on experience with...Full time
- Senior Unix and Linux Vulnerability Analyst Job Title: Senior Unix and Linux Vulnerability Analyst Location: Fort Meade, MD 20755 Clearance... ...Subtask 3 - UNIX and Linux Compliance Validation and Support. Assess, audit, review, analyze, validate, and report UNIX and Linux...Full timeTemporary workWork experience placementCasual workWork at office
- Job Title: Senior Database Vulnerability Analyst Location: Fort Meade, MD 20755 Clearance Level: Active Secret Clearance Job Type: Full-Time... ...Partners. Application Compliance Validation and Support Assess, audit, review, analyze, validate, and report database Security...Full timeWork experience placementCasual work
- PD Inc International is seeking a Senior Unix and Linux Vulnerability Analyst to support U.S. government cybersecurity operations at Fort Meade... ...report vulnerabilities in UNIX, Linux, and related assets, assess security controls, and explain risk implications to stakeholders...
$125k - $145k
...cutting-edge capabilities to uncover vulnerabilities, protect vital systems, and ensure operational... ...Position: Senior Web Application Penetration Tester Job Type: Full-time Location:... ...candidates will conduct in-depth assessments of web applications, APIs, mobile...Full timeTemporary workRemote workFlexible hours- Accenture Federal Services in Maryland is seeking a Vulnerability Assessment Analyst to configure and run vulnerability scans, analyze threat intelligence, and translate findings into actionable risk reports for leadership. You will collaborate with ISSEs/ISSOs, develop...
- Gormat is seeking a System Vulnerability Analyst in Maryland to identify vulnerabilities in systems' design and operations. Candidates should have experience with exploitations, computer forensics, penetration testing, and be comfortable conducting network analysis. A...
- ...Overview Tharros is seeking Cyber Security Vulnerability Researcher, Forensic Analyst to conduct digital forensic analysis and incident response in support of NAWCAD Cyber Warfare Division programs at NAS Patuxent River, MD. The CSVR Forensic Analyst applies advanced...
- Senior Network Vulnerability Analyst Location: Fort Meade, MD 20755 Clearance Level: Active Secret Clearance Job Type: Full‑Time PD Inc International is seeking an experienced and mission‑driven Senior Network Vulnerability Analyst to provide Cybersecurity Management...Full timeWork experience placementCasual workWork at office
- We are looking for a System Vulnerability Analyst to identify vulnerabilities of and attacks to the design and operation of a system (H/W, S... ...programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, and/or systems engineering....
- PD Inc International is seeking a Senior Network Vulnerability Analyst to support a U.S. government (DoD) environment, based in Fort Meade, MD. The role requires Active Secret Clearance, full-time commitment, and advanced cybersecurity capabilities. Ideal candidates have...Full timeWork at office
- Tharros is seeking a Cyber Security Vulnerability Researcher, Forensic Analyst to conduct digital forensic analysis and incident response in support of NAWCAD Cyber Warfare Division programs at NAS Patuxent River, MD. The role involves reverse engineering, malware analysis...
- ...response to inquiries or specific incidents. Oversee Security Assessment and Authorization (SA&A) process, including development and... ...140 requirements, asset inventory, configuration management, vulnerability scanning, and patch remediation timelines per CMS policy. Serve...Contract workFor contractorsWork experience placement
$170k - $180k
...experience. Must have experience with penetration testing tools. Must have experience in... ...experience performing IT security risk assessments. Must have experience performing web app... ...: GIAC Web Applications Penetration Tester (GWAPT) Certified Ethical Hacker (CEH)...Contract workTemporary workImmediate startShift work$90k - $120k
...professionals in the following areas: Network Analysts (Cyber, Forensic, Signals, Exploitation etc) Vulnerability Analysts Data Analysts Penetration Testers Malware Analysts Others… Overview Be... ..., comprehensive vulnerability assessments and/or analysis of network...Local areaRemote work$150k
...Guides system development and implementation planning through assessment or preparation of system engineering management plans and... ...program, enforcing security policies and standards. Conduct vulnerability assessments and manage day-to-day security operations. Security...$131.3k - $237.35k
Lead Penetration Tester Join us and make a difference in National Security! Job Summary Leidos... ...tests against systems to determine vulnerabilities and develop mitigation strategies. Perform... ...tests. Perform vulnerability risk assessments. Perform physical penetration tests...Immediate startFlexible hoursShift work- Gormat is seeking a Target Digital Network Analyst (TDNA) in Maryland to analyze network-... ...adversary tactics and support cyber vulnerability efforts. The position involves conducting... ...cryptanalytic work, and vulnerability assessments. A BS degree in a related field is...
$90k - $120k
...professionals in the following areas: Network Analysts (Cyber, Forensic, Signals, Exploitation etc) Vulnerability Analysts Data Analysts Penetration Testers Malware Analysts Others… Overview Be... ..., comprehensive vulnerability assessments and/or analysis of network...Local areaRemote work- ...telecommunications, and information systems security education awareness programs Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and external Web integrity scans to determine compliance...
$107.9k - $195.05k
...information systems, managing daily security aspects, evaluating security solutions for classified processing, and conducting vulnerability and risk assessments for accreditation. Managing configuration and system integrity by administering configuration management (CM) for...Contract workImmediate startRelocation packageFlexible hours- ...Evaluates security solutions to ensure they meet security requirements for processing classified information. Performs vulnerability/risk assessment analysis to support certification and accreditation. Provides configuration management (CM) for information system...Contract workWork at officeImmediate startFlexible hours
$10k
...systems, managing daily security aspects, evaluating security solutions for classified processing, and conducting vulnerability and risk analysis/assessments for system authorization. Managing configuration and system integrity by administering configuration...Hourly payFull timeContract workTemporary workWork experience placementSummer workImmediate start- ...enforcement of the design and implementation of trusted relationships among external systems and architectures Support security planning, assessment, risk analysis, and risk management Education & Experience 7 years in a technical discipline or 4 additional years in place of a...Work at officeFlexible hours
- ...lifecycle. You will drive system authorization activities, oversee vulnerability management efforts, and guide remediation strategies to... ...strengthen overall security posture Conduct vulnerability and risk assessments to support accreditation decisions and ensure system...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Vulnerability Assessment Analyst and Penetration Tester. Be the first to apply!

