Aretum ยท 16 hours ago
Vulnerability Assessment / Penetration Testing Specialist - Contingent
Washington, DC
Full-time
Hybrid
Mid Level
3+ years expAretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to customers across defense, civilian, and homeland security sectors. The Vulnerability Assessment / Penetration Testing Specialist performs security testing of government systems to identify vulnerabilities, validate exploitability/impact, and provide clear remediation guidance.
ConsultingInformation Technology
No H1B
U.S. Citizen Only
Responsibilities
Perform vulnerability assessments and penetration testing of government systems and applications in accordance with approved rules of engagement and testing plans
Execute technical testing activities (e.g., reconnaissance, scanning, enumeration, validation/exploitation where authorized) and document evidence, risk, and impact
Assess systems and networks to identify deviations from acceptable configurations and security policy, and translate findings into prioritized remediation actions
Support secure network design reviews by analyzing network architecture, trust boundaries, segmentation, and exposed services to identify risk and attack paths
Contribute to project delivery by estimating effort, tracking tasks, communicating blockers, and supporting status reporting and deliverable timelines
Produce high-quality technical write-ups and executive-ready summaries, including reproduction steps, affected assets, severity rationale, and remediation recommendations
Retest/validate remediation and provide closure evidence for resolved vulnerabilities as required by the engagement and client process
Maintain careful handling of sensitive information and ensure testing remains ethical, authorized, and auditable
Qualification
Required
Minimum 3 years of experience performing vulnerability assessments and/or penetration testing
Demonstrated experience in project management, network design, and testing the security of government systems to identify vulnerabilities
Working knowledge of common testing methodologies and security testing lifecycle concepts (planning, execution, analysis, and mitigation support)
Ability to clearly document findings with strong technical writing and evidence-based reporting
Familiarity with Windows/Linux fundamentals, TCP/IP networking, and common enterprise services (AD, DNS, web apps, APIs, VPNs)
Web application security testing experience aligned to OWASP testing practices
Experience working in federal or similarly regulated environments with strict authorization, documentation, and evidence requirements
Preferred
Bachelor's degree in information systems, Computer Science, Engineering or related field
GIAC Web Application Penetration Tester (GWAPT)
Certified Ethical Hacker (CEH)
GIAC Systems and Network Auditor (GSNA)
Certified Penetration Tester (CPT)
Certified Expert Penetration Tester (CEPT)
GIAC Certified Web Application Defender (GWEB)
Offensive Security Certified Professional (OSCP)
CREST Penetration Testing Certifications
Benefits
Health Care Plan (Medical, Dental & Vision)
Retirement Plan (401k)
Life Insurance (Basic, Voluntary & AD&D)
Paid Time Off
Family Leave (Maternity, Paternity)
Short Term & Long-Term Disability
Training & Development
Company
Aretum
ARETUM is a government contracting company specializing in technology-enabled mission support services for the Department of Defense.
501-1000 employees
Funding
Current Stage
Late StageLeadership Team
Bobby Frazitta
Vice President of People
Tiffany Bailey
Executive Vice President
Recent News
Washington Technology
2025-12-13
Venture Capital
2025-12-13
Company data provided by crunchbase