Penetration Tester
Marathon TS
Penetration Tester
Marathon TS is looking for a Penetration Tester to support our government client. The Penetration Tester will:
- Conduct highly complex offensive security operations testing consistent with known adversary tactics techniques and procedures and contribute to the development of objectives and approaches taken to remediate risk.
- Apply sound technical and management principles to identify and remediate cybersecurity vulnerabilities across the State Department global IT enterprise infrastructure
- Apply organizational and process change principals
- Evaluate system performance results, perform risk assessments, and evaluate performance metrics.
- Responsibilities include:
- Provide ad-hoc penetration testing and assessment services on Department of State systems identified by the leadership.
- Develop, identify and resolve security vulnerabilities related to deployment and testing processes
- Streamline and optimize processes and procedures in order to rapidly remediate vulnerabilities from cybersecurity threats
- Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.
- Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.
- Develop strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.
- Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise, or local policy; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures in operational and non-operational situations
- Network Mapping include but are not limited to a network map of the organization's system that includes a visual representation of the organization's physical devices and digital network.
- Perform operation and maintenance activities in support of existing CIC cyber tools and technologies (MSV, Qualys, Tenable Nessus and others).
- Identify, diagnose, and prioritize anomalies in cyber defense infrastructure and resources.
- Perform cybersecurity testing of developed applications and/or systems. Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.
- Document security issues and impacts identified through offensive operations in a clear and concise manner to facilitate reporting to impacted stakeholders.
Required Qualifications:
- 4 years Microsoft Operating Systems (OS) engineering and support experience focusing on Active Directory (AD), System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM)
- 4-6 years Network penetration testing experience
- In-depth experience in planning, implementing, and managing large/global enterprise infrastructures
- Familiarity of various analytical tools (Splunk, USBDeview, Netwitness, MimiKatz)
- Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee)
- Familiarity of Cobalt Strike, Nessus, Kali Linux, Burp Suite, Nmap and OpenVAS for databases
- Knowledge of general attack stages
- Skill in the use of social engineering techniques and using penetration testing tools
- Familiarity with OMB, NIST, Client, and related security guidelines and directives
- Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications
- Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Server/endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.
- Cloud application security, Vulnerability Management and Security Information, and Event Management capabilities.
- Knowledge of identity and access management solutions (MFA, PKI, SAML, etc.)
- Countermeasures / mitigations to identified cybersecurity risks.
- Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), domain name system, and directory services
- Ability to generate and implement capabilities to monitor organization's network in real-time
- Ability to provide Vulnerability Scanning Risk Assessment
- Information protection technologies (e.g., firewalls, antivirus, threat protection, servers, routers, and others as appropriate).
- Ability to identify and exploit web vulnerabilities (XSS, CSRF, SQLi, SSRF, arbitrary file upload, etc.)
- Ability to identify and exploit mobile vulnerabilities (API issues, insecure storage, memory corruption, deep links, etc.)
Marathon TS is committed to the development of a creative, diverse and inclusive work environment. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Marathon TS will be based on merit, qualifications, and abilities. Marathon TS does not discriminate against any person because of race, color, creed, religion, sex, national origin, disability, age or any other characteristic protected by law (referred to as "protected status").
$500 per month
...Become a Professional Game Tester We're looking for passionate gamers to join our elite team of mobile game testers. Get paid to play and test the latest games before they launch. $500+ Avg Monthly Pay 5-10 Hours/Week 100% Remote Position Requirements:...SuggestedRemote work10 hours per week$89.74 per hour
Responsibilities Vulnerability management & Remediation understanding in order to interpret remediation documentation and add value to the content Familiar with ServiceNow Knowledge Base Experience with technical documentation auditing & quality assurance Ability to form...Suggested- Information System Security Officer Marathon TS is looking for an Information System Security Officer to support our efforts at DISA. Key Responsibilities: Verify data security access controls based on the Joint Special Access Program Implementation Guide (...SuggestedContract workWork experience placement
- Information System Security Manager (ISSM) We are currently recruiting for an ISSM who will be take responsibility for classified programs Cybersecurity/Risk Management Framework (RMF) posture in accordance with government directives and program requirements. In ...SuggestedFor contractorsLocal area
- A healthcare company is seeking a Revenue Cycle EDI Systems Analyst responsible for optimizing revenue cycle systems and ensuring compliance with regulations. You will support billing processes, analyze data trends, and collaborate with teams to enhance system functionality...SuggestedRemote work
$60.8k - $82.9k
Become a part of our caring community As a Revenue Cycle EDI Systems Analyst , you will report to the VP, RCM. You will be responsible for supporting, monitoring, and optimizing revenue cycle systems utilized by the FSU. You will ensure accurate and timely billing...Bi-weekly payTemporary workApprenticeshipWork at officeRemote workWork from homeHome office$57.7k
Company : enGen Job Description : Job Summary This job is responsible for configuring, rolling out, and supporting the assigned Epic Orders application(s). Responsibilities include business/systems analysis, requirements definition and documentation, system design, and...For contractorsWork experience placementWork at officeLocal areaRemote work$121.4k - $218.6k
Do you relish the prospect of working with cutting-edge network routers and switches? Do you enjoy validation of internet routing protocols at full internet scale? Join our Networks SQA team! Our Networks Software Quality Assurance (SQA) team ensures our global platform...Work experience placementWork at officeWorldwide- Red Orange Studio, a creative agency and certified B Corp based in Richmond, VA, is growing—and we want you to create impact with us. We’re looking for an SEO Strategist who can help purpose-driven organizations increase visibility, strengthen their digital presence, and...Work at officeLocal areaFlexible hours
$55k - $58k
...JR QA Tester I.T. Excel is a new breed of service firm - an industry-focused consulting and integration firm offering a broad range of solution offerings to clients from a broad range of industries. ITE is an end-to-end global consulting & solutions company with over...Full timeRelocationRelocation package$179.4k - $204.7k
Lead Cyber Cryptographic Engineer As a Cyber Cryptographic Engineer at Capital One, you will play a critical role in securing our cloud platforms and applications. You will specialize in cryptographic solutions, key management, and enterprise security platforms for ...Full timePart timeH1bLocal areaFlexible hours- Platform Security Architect Duties/Responsibilities: • As part of a team, ensure the adoption of security architecture and engineering initiatives in order to effectively and securely support the organization in meeting specific business technology needs. ...
- IT Security Architect Responsibilities: ~10+ years of experience as IT Security Architect ~ Experience of NIST 800-53 rev 5 ~ Experience of System Security Plan creation and documentation ~ Experience of cloud infrastructure and security for a multi-tenant...
- IT Security Architect Richmond, VA - Hybrid Need local to VA candidates only. ABOUT THE ROLE This position is for the remediation of the existing SSP and baseline backlog of submitting new requests Ensure that the Commonwealth of Virginia's security...Local area
$110k
Job Seekers can review the Job Applicant Privacy Policy by clicking here ( . Job Description : SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must...Full time$105.79k - $141.05k
Lumen is the trusted network for the AI‑powered world, connecting people, data, and applications through our expansive fiber network and connected ecosystem. We enable secure, high‑performance connectivity across cloud, edge, and AI workloads for enterprises, governments...Temporary workRemote work- Project Architect Interested in making your mark at a 100% employee-owned firm? Wiley|Wilson, with 190+ employee-owners serving clients across five locations, is looking for the right person to grow with us! We are currently seeking a Project Architect to join our...Local areaWork from home
- Architect Richmond, VA 23225 Position Summary The Architect is responsible for leading the planning, design, and architectural execution of new hotel developments, property renovations, adaptive reuse projects, and capital improvement initiatives across the Shamin...For contractorsWork at officeLocal area
- Job Description Licensed Architect / Project Architect Competitive Compensation + Full Benefits Are you a Licensed Architect looking for an opportunity where you can take ownership of projects, influence design, and continue growing your career within...
- Company Description CapTech is an award-winning consulting firm that collaborates with clients to achieve what's possible through the power of technology. At CapTech, we're passionate about the work we do and the results we achieve for our clients. From the outset...Work at officeRemote workVisa sponsorshipWork visaFlexible hours
- rchitect Richmond, V SUMMARY We are seeking a seasoned Project Architect with 5-10 years of professional experience to join our dynamic team. The ideal candidate will be a complimentary addition to our design team, and capable of immediately playing ...Temporary workWork at officeImmediate start
$125k - $155k
Growing Firm! Exciting Projects! This Jobot Job is hosted by: Lincoln Sprague Are you a fit? Easy Apply now by clicking the "Quick Apply" button and sending us your resume. Salary: $125,000 - $155,000 per year A bit about us: Based in New York with offices across the country...Permanent employmentLocal area- Job Summary This position is in the Division of Facilities Management & Safety. The architect administrates capital construction projects across the main campus and at regional campuses. The Capital Construction Project Administrator will be responsible for ensuring that...Work at office
- ...Proven experience in software development lifecycle security practices. Advanced knowledge of threat modeling, security testing, and penetration testing. Experience implementing and managing complex information security technologies. Preferred Qualifications 7+ years Cloud...Full timePart timeShift workDay shift
$67 - $87 per hour
Job Title: System Analyst 4 Work Type: Hybrid Location: Richmond, VA 23219 Start Date: 08/03/2026 End Date: 08/03/2027 Industry Category: Information Technology / Investment Services Employment Type: 1099 Contract Requisition ID: 806546 Overview We are seeking ...Hourly payContract work- Benefits: Dental insurance Health insurance Vision insurance System Analyst 4 (Business Systems Analyst) Location: Virginia Work Arrangement: Hybrid Interview Process: Web Cam Interview Only Employment Type: Contract (12 Months with Possible Extension) Job ...Full timeContract workWork at office
$67 - $87 per hour
Job Title: System Analyst 4 Work Type: Hybrid Location: Richmond, VA 23219 Start Date: 08/03/2026 End Date: 08/03/2027 Industry Category: Information Technology / Government Services Employment Type: 1099 Contract Requisition ID: 806542 Overview We are seeking ...Hourly payContract work$112.16k - $201.89k
Anticipated End Date: 2026-07-15 Position Title: Information Security Advisor Job Description: Information Security Advisor Location: This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility...Full timeContract workTemporary workWork experience placementWork at officeLocal area2 days per week1 day per week- Senior Cloud Security Engineer Preferred location Chicago, IL but will consider candidates based in Georgia, North Carolina, Texas, Virginia, Maryland, Ohio or Louisiana. Must have the ability to travel to the Chicago, IL office as required. What will your day look...Work at officeLocal area
$130k - $160k
Job Description We are looking for a senior SAP WM specialist who operates at a solution architect level while still being highly hands-on in configuration and execution. This role is heavily focused on SAP Warehouse Management (WM) — not a general SAP or MM/WM hybrid...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Penetration Tester. Be the first to apply!


