Lead Penetration Tester TS/SCI Polygraph jobs in United States
cer-icon
Apply on Employer Site
company-logo

Leidos · 2 months ago

Lead Penetration Tester TS/SCI Polygraph

positionAnnapolis Junction, MD
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$126K/yr - $228K/yr
date12+ years exp

Leidos has a new and exciting opportunity for a Lead Penetration Tester in their National Security Sector's Cyber & Analytics Business Area. The selected candidate will work on a team of cyber Subject Matter Experts to provide support for preventing, identifying, containing, and eradicating cyber threats to networks.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Perform internal and external pentests against systems to determine vulnerabilities and develop mitigation strategies
Perform web app pentests
Perform vulnerability risk assessments
Perform physical pentests and social engineering analysis
Perform cyber incident response as needed
Evaluate the impact of new development on the operational security posture of IT systems
Evaluate, review, and test critical software
Formulate security compliance requirements for new system features
Identify and remediate security issues throughout the system
Audit and assess system security configuration settings using common methodologies and tools
Work with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors, and remediation approaches
Work closely with System Engineering, Test Engineering, and Integration teams to ensure hardware and software architecture and implementations meet strict security requirements
Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies
Serve as a Subject Matter Expert in security architecture, to include providing advice to Program Managers, Customer technical experts, and internal program teams

Qualification

Penetration testing toolsWeb application testingCyber Kill Chain methodologyRisk Management FrameworkPythonJavaBurp SuiteKaliCISSPIncident responseCollaborationProject management

Required

Bachelor's degree in a technical/information assurance field and at least 12 years of prior relevant experience. Additional years of experience and/or cyber certifications may be considered in lieu of a degree
Must have experience with penetration testing tools
Must have experience in web development and programming languages such as Java, XML, Perl and HTML
Must have experience with programming/scripting in Python, Powershell, C, JavaScript, etc
Must have extensive experience performing IT security risk assessments
Must have experience performing web app and physical pentests
Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective
Must have experience with or strong familiarity of Kali
Must have experience with or strong familiarity of IPS/IDS solutions
Must have a strong understanding of the Cyber Kill Chain methodology
Must have experience applying Risk Management Framework
Must have experience with secure configurations of commonly used desktop and server operating systems
Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration
Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues

Preferred

Certifications in one or more of the following areas strongly preferred: GIAC Web Applications Penetration Tester (GWAPT), GIAC Penetration Tester (GPEN), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), Certified Web Application Defender (GWEB), Certified Information System Security Professional (CISSP)
Extensive experience developing/implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response
Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation

Benefits

Paid Time Off
11 paid Holidays
401K with a 6% company match and immediate vesting
Flexible Schedules
Discounted Stock Purchase Plans
Technical Upskilling
Education and Training Support
Parental Paid Leave
And much more.

Company

Leidos

twittertwittertwitter
Glassdoor3.9
company-logo
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health.
dateFounded in 1969
location
Reston, Virginia, USA
people-size10001+ employees
web-link
https://www.leidos.com/

Funding

Current Stage
Public Company
Total Funding
unknown
2025-02-20Post Ipo Debt
2013-09-17IPO

Leadership Team

leader-logo
James Carlini
Chief Technology Officer
linkedin
leader-logo
Theodore Tanner
Chief Technology Officer
linkedin

Recent News

Fortune
Fortune 500 Power Moves: Which executives gained and lost power this week
2025-12-20
MarketScreener
Leidos Names Theodore Tanner Chief Technology Officer
2025-12-16
Benzinga.com
Citigroup, Leidos Holdings And More On CNBC's 'Final Trades'
2025-12-16
Company data provided by crunchbase