Apply on Employer Site

MGT · 6 hours ago

Systems Engineer III, Cybersecurity Penetration Tester

Norcross, GA

Full-time

Hybrid

Senior Level

5+ years exp

MGT is a leading provider of technology and advisory solutions serving state, local, and education government agencies across the United States. The Systems Engineer III, Cybersecurity Penetration Tester, is responsible for planning, executing, and leading complex security assessments across various environments while mentoring junior testers and collaborating with client teams.

ConsultingInformation Technology

Responsibilities

Plan, execute, and lead complex penetration tests, including internal, external, web application, network, mobile, IoT, API, social engineering, and cloud (e.g., AWS, Azure) assessments

Perform red team engagements to simulate attacks and advanced persistent threats, highlighting gaps in security controls; some travel and on-site engagements required

Identify, exploit, and document vulnerabilities using manual and automated techniques, adhering to methodologies and frameworks like OWASP Top 10, PTES, and MITRE ATT&CK

Analyze testing results, assess risks, and produce detailed reports with findings, exploitation procedures, risk ratings, and actionable remediation recommendations

Collaborate with client development, IT, and security teams to validate fixes, retest vulnerabilities, and improve overall security practices

Mentor junior penetration testers, provide training on tools and techniques, demonstrate continuous learning, and contribute to team knowledge sharing

Develop or customize scripts, tools, and methodologies to enhance testing efficiency and coverage

Stay current with emerging threats, vulnerabilities, exploits, and offensive security trends

Communicate technical findings clearly to non-technical stakeholders, including senior management

Qualification

Penetration testingAdvanced security certificationsSecurity assessment toolsRed teamingExploit developmentNetwork protocolsOperating systemsVulnerability assessmentAnalytical skillsScripting languagesProblem-solving skillsCommunication skillsTeam collaboration

Required

Bachelor's degree in computer science, Information Security, Cybersecurity, or related field (or equivalent experience)

Five (5) or more years of hands-on experience in penetration testing or ethical hacking, preferably in enterprise or regulated environments

Advanced security-related industry certifications (e.g., OSCP, GPEN) required

Advanced proficiency with tools such as Burp Suite, Nmap, Metasploit, Nessus, Kali Linux, Wireshark, Social Engineering Toolkit, and cloud-specific testing frameworks

Thorough understanding of Adversary TTPs and ability to emulate them in assessments

Strong knowledge of network protocols, operating systems (Windows, Linux), web technologies, and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25)

Experience in red teaming, vulnerability assessment, and reporting

Excellent problem-solving, analytical, and communication skills (written and verbal)

Ability to work independently and lead engagements while collaborating in a team environment

Proficient in exploit development and scripting languages such as Python, Ruby, Go, etc

Preferred

Preferred certifications: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), or other relevant certifications (OSCE, GXPN, CEH, or equivalent)

Benefits

Flexible paid time off

5% 401K matching program

Equity opportunities

Incentive and bonus programs

Up to 16 weeks of paid parental leave

Flexible spending accounts

Full-health benefits with base employee coverage fully funded, comprising: Medical, dental, and vision coverage, Life insurance, Short and long-term disability coverage, Income protection benefits