Penetration Tester
ANALYGENCE Inc
Description Tharros has an immediate opportunity to support the US Navy with operational test and evaluation support. The Penetration Tester will assist in the development of cyber test plans, execute cyber tests, and report cyber test results. In this role you will conduct cyber tests on operational systems, in laboratory environments, or in cyber range environments. Testing may be against physical, virtualized, or cloud-based systems. This position shall leverage all authorized resources and analytic techniques to penetrate/access targeted networks and systems under test in support of OPTEVFOR's cyber OT&E mission. Team member will perform these duties under the supervision of the 01D Cyber Operations Officer.
- Review and become proficient in OPTEVFOR cyber T&E concept of operations, SOPs, policies and guidance.
- Maintain and participate in the development of 01D SOPs and documentation for DCAT authorization established in DoDI 8585.01.
- Research, review, prioritize, and submit operational requirements for acquisition of equipment or cyber capabilities, following the 01D tool approval process.
- Support development and execution of TTPs for penetration testing or Red Teaming.
- Research adversary cyber actors' TTPs, organizational structures, capabilities, personas, and environments, and integrate findings into cyber survivability test planning and execution.
- Participate in OPTEVFOR Cyber Test planning:
- Conduct open-source research and system under test documentation review to familiarize with the system's mission, architecture and interfaces including critical components to identify its attack surface and threat vectors
- Participate in check point meetings
- Support development of test plan objectives
- Review test plans, ensuring that test plans objectives are feasible
- Participate in test planning site visits
- Participate in test preparation:
- Participate in site pre-test coordination visits. Support in-brief to the test site.
- Support red team test plan review
- Add relevant system technical information to test reference library
- Organize and support research presentations for advanced capability development in support of future tests
- Prepare OPTEV-RT test assets (Government Furnished)
- Execute test events, including Cooperative Vulnerability Penetration Assessments, Adversarial assessments, and Cyber Tabletops, in support of Operational Testing, Developmental Testing, risk reduction events, or other events, as assigned.
- Use OPTEVFOR provided and NAO approved commercial and open-source network cyber assessment tools (e.g. Core Impact, Nmap, Burp, Metasploit, and Nessus).
- Employee ethical hacking knowledge to exploit discovered vulnerabilities and misconfigurations associated with but not limited to operating systems (Windows, Linux, etc.), protocols ( FTP, etc.), and network security services (PKI, etc.) to accomplish test objectives
- Be able to accomplish testing independently
- Ensure tests are conducted safely, in accordance with the test plan, and OPTEVFOR policies are adhered to
- Follow Joint Forces Headquarters (JFHQ)-DODIN deconfliction procedures
- Verify collected data for accuracy and completeness
- Participate in the post-test iterative process, including generation of documents (e.g. deficiency/risk sheets).
- Document lessons learned.
- Participate in capture the flag events, cyber off sites, external engagements such as red team huddles and red team technical exchange meetings; develop required products and materials in support of these events.
- Attend OPTEVFOR required meetings in support of OT&E.
- Generate and update documentation to maintain DCAT authorization compliance per DoDI 8585.0.
- Process exfiltrated data for analysis and/or dissemination to customers.
- Test and evaluate locally developed tools for operational use and implementation.
- Minimum 3 years' experience performing any combination of: penetration testing, red teaming, or exploitation development.
- Minimum 3 years' with proficiency in leading red team operators in penetration testing/red teaming to accomplish assigned test objectives.
- Offensive Security Certified Professional (OSCP), OSCE, GX-PT, GXPM, PNPT, or HTB CPTS required.
- Proficient in multiple offensive tools, including:
- Metasploit, Cobalt Strike, Core Impact, Burp Suite, Nessus, SharpHoundBloodHound
- Ability to validate functionality and safety of offensive tools (e.g. exploits) given the source code and document the results.
- Ability to detect malicious activity of a program using dynamic analysis techniques and document the results.
- Independently operate to conduct penetration testing/red teaming to accomplish assigned test objectives.
- Skill in assessing current tools to identify needed improvements.
- Skill in knowledge management, including technical documentation techniques (e.g., Wiki page).
- Knowledge of current software and methodologies for active defense and system hardening.
- Knowledge of encryption algorithms and cyber capabilities/tools (e.g., Transport Layer Security, Pretty Good Privacy).
- Knowledge of evasion strategies and techniques.
- Knowledge of forensic implications of operating system structure and operations.
- Knowledge of host-based security products and how they affect exploitation and vulnerability.
- Knowledge of network administration.
- Knowledge of network construction and topology.
- Knowledge of security hardware and software options, including the network artifacts they induce and their effects on exploitation.
- Knowledge of security implications of software configurations.
- Knowledge of the fundamentals of digital forensics in order to extract actionable intelligence.
- Knowledge of cryptologic capabilities, limitations, and contributions to cyber operations.
- Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications).
- Knowledge of network collection procedures to include decryption capabilities/tools, techniques, and procedures.
- Process exfiltrated data for analysis and/or dissemination to customers.
- Test and evaluate locally developed tools for operational use.
- Skill in testing and evaluating tools for implementation.
- Proficient in Microsoft Office Suite to include Teams or similar workplace chat and videoconferencing tools.
- Excellent written and verbal communication skills.
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Penetration Tester in Norfolk, VA vacancy
- We are an employee-centric company that truly appreciates our team members and their value to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and fostering teams that are and continue to be technically proficient and technically...SuggestedFull time
- Predicate Logic is seeking a motivated Computer Systems Analyst to join our team at the Naval Information Warfare Center - Atlantic (NIWC-A) in Portsmouth, VA. Founded in 1992, Predicate Logic is a woman-owned, employee-owned, high-technology engineering service...SuggestedRemote work
- U.S. Citizenship required for most positions. Position: IT Systems Analyst (Job ID: 1366) Location: Norfolk, VA Job Id: 1366 # of Openings: 1 IT Systems Analyst Purpose Colonna’s Shipyard is seeking a highly skilled and detail-oriented IT Systems Analyst to join our IT...SuggestedFull timeCasual workWork at office
- Job Description: Job Summary We are seeking a mission-focused HCL Domino Systems Administrator to support 24/7/365 operations, maintenance, and sustainment of enterprise-level messaging systems enabling global fleet operations and communications. This role involves...SuggestedRemote workNight shift
- Trinnex, located in Norfolk, Virginia, is looking for a Senior Cyber Security Analyst to enhance the security posture of software systems supporting water utilities. The successful candidate will focus on vulnerability management and embed security within the software ...Suggested
$102.17k
...., APTs, data breaches), including forensic analysis and root cause determination. Design and execute vulnerability assessments, penetration tests, and simulated attack scenarios across infrastructure and applications. Partner with IT and software development teams to remediate...H1b$89.1k - $148.2k
Description & Requirements Shape the future of defense with MANTECH! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we’ve been a trusted partner to the Department of Defense, delivering cutting-edge projects...Hourly payContract workTemporary workWork experience placementWork at officeLocal areaRemote work- Description About Us At Soracom, our mission is Making Things Happen , For a World That Works Together . We believe connectivity has the power to transform industries, enable innovation, and help businesses solve real-world challenges. From startups launching...Temporary workRemote workFlexible hours
- As an SEO specialist, you will be responsible for optimizing our home service clients’ portfolios for search engines and driving traffic to their websites. You will work closely with our chief strategist and content team to develop and implement effective SEO strategies...Local areaRemote work
$48.53 per hour
Flexible, hourly assignments supporting City IT projects. Ideal for professionals seeking short-term or rotational roles in public sector technology. Ideal for candidates based in the Hampton Roads area, including Suffolk, Chesapeake, Norfolk, Portsmouth, and Virginia ...Hourly payFull timeTemporary workFlexible hours- Cybersecurity Analyst Connect Talent Solutions is a fast growing, innovative staffing firm offering direct placement, contract and contract to hire solutions. We are uniquely positioned and experienced to support your requirements from IT and engineering to general ...Contract workWork at office
- Summary The Epic Revenue Cycle Systems Analyst is a Revenue Cycle-embedded analyst responsible for the functional support, optimization, and issue resolution of Epic Hospital Billing (HB), Professional Billing (PB), and Claims workflows. The role reports directly to the...
- Trinnex is seeking a Senior Cyber Security Analyst to ensure the security of software systems utilized by water utilities and infrastructure. This role blends cybersecurity with DevSecOps, focusing on safeguarding applications and infrastructure. You will lead in advanced...
$120k - $135k
Candidates must be authorized to work in the United States without the need for current or future visa sponsorship General Summary: The IT Disaster Recovery Manager is responsible for developing, governing, and continuously improving the enterprise Disaster Recovery (DR...Full timeVisa sponsorship- Anovia is looking for a Fortinet-certified engineer for a full-time, onsite contract position in Virginia. This role involves managing, troubleshooting, and maintaining the Fortinet security infrastructure, ensuring high availability and disaster recovery readiness. The...Full timeContract work
- Moffatt & Nichol in collaboration with Waggonner & Ball, a Moffatt & Nichol Studio, are actively seeking a Senior Architect with 15+ years of experience to help expand our footprint into the Mid-Atlantic! This is an amazing opportunity with high visibility working directly...For contractorsWork at officeLocal areaWorldwide
$105.79k - $141.05k
Lumen is the trusted network for the AI‑powered world, connecting people, data, and applications through our expansive fiber network and connected ecosystem. We enable secure, high‑performance connectivity across cloud, edge, and AI workloads for enterprises, governments...Full timeTemporary workRemote work- Architectural Designer / Architect (Hybrid) We are partnering with a multi-discipline architecture firm seeking a team-oriented Architectural Designer or Architect. This role is focused on hands‑on production work, supporting project teams across design and documentation...Work at office
- CJ Architects is a full-service architectural firm specializing in mixed use, multifamily, commercial, and historic designs. Located in Historic Downtown Portsmouth, NH, our office is within walking distance of the waterfront, fantastic restaurants, shops, and many popular...Full timeWork at office
$112.16k - $201.89k
Anticipated End Date: 2026-07-15 Position Title: Information Security Advisor Job Description: Information Security Advisor Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility...Full timeContract workTemporary workWork experience placementWork at officeLocal area2 days per week1 day per week- CyberSecurity Architect Chesapeake, VA Job Description Responsibilities Overview: The CyberSecurity Architect is responsible for designing and implementing secure architectures across both cloud and on-premises environments, grounded in comprehensive frameworks...
- ## Technical Project ManagerApplylocations: US - VA, Norfolktime type: Full timeposted on: Posted Todayjob requisition id: 41680**Job Family:**Technology Consulting**Travel Required:**Up to 10%**Clearance Required:**Active Secret**What You Will Do:*** Lead planning, execution...Temporary workFlexible hours
$120.87k - $205.49k
Job Description BAE Systems is seeking a Project Manager who embraces challenges and is a motivated self-starter. This position will be an integral part of a diverse team of professionals and subject matter experts fulfilling challenging technical requirements for our...Full timeWork at officeLocal areaRelocation$88k - $132k
Role description Technical Project Manager Project Manager I Who We Are: Born digital, UST transforms lives through the power of technology. We walk alongside our clients and partners, embedding innovation and agility into everything they ...Full timeTemporary workPart timeWork at officeLocal areaRemote workFlexible hours$25 - $45 per hour
...GL1 is seeking Product Testers to work from home across the United States. This role allows for flexible hours, ensuring 15-25 hours of work per week with competitive hourly pay between $25 to $45 depending on the project. No experience is necessary, making it perfect...Hourly payWeekly payRemote workWork from homeFlexible hours$25 - $45 per hour
...Online Consumer Panels America is seeking Product Testers to work from home across the US. This entry-level position offers 15-25 hours of flexible work each week, with pay ranging from $25/hr. to $45/hr. No experience is necessary as all training will be provided....Weekly payRemote workWork from homeFlexible hours$25 - $45 per hour
...Product Testers are wanted to work from home nationwide in the US to fulfill upcoming contracts with national and international companies. We guarantee 15-25 hours per week with an hourly pay of between $25/hr. and $45/hr., depending on the In-Home Usage Test project....Hourly payWeekly payExtra incomeTemporary workPart timeFor contractorsSeasonal workRemote workWork from homeFlexible hours$500 per week
...assignment. Up to $500 per week. Location: Remote (USA) Company: ProductReviewJobs Thank you for your interest in becoming a Paid Product Tester. This opportunity is for completing market research opportunities with independent brands via online or phone. Online studies...Remote work$25 - $45 per hour
...GL Inc. is seeking Product Testers to work from home across the United States. This role offers 15-25 flexible hours per week with competitive hourly pay ranging from $25 to $45. Ideal candidates are detail-oriented, able to follow instructions, and possess communication...Hourly payWeekly payRemote workWork from homeFlexible hours- 191 Altera Corporation seeks a SatCom, ISR, and Space Payload Architect based in Portsmouth, Virginia. This position focuses on architecting FPGA-based solutions for satellite communications, ISR, and onboard space payload processing. The candidate should have 8+ years ...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Penetration Tester. Be the first to apply!


