Lead Penetration Tester (Higher Education Environment) jobs in United States
cer-icon
Apply on Employer Site
company-logo

V Group Inc. · 11 hours ago

Lead Penetration Tester (Higher Education Environment)

positionOhio, United States
timeContract
remoteOnsite
seniorityMid, Senior Level
date3+ years exp

V Group Inc. is seeking a qualified penetration testing partner to conduct external and internal penetration testing across a diverse higher-education environment. The role emphasizes actionable, risk-prioritized findings and a strong focus on confidentiality and data security.

ConsultingE-CommerceInformation TechnologyMobileSoftware
check
H1B Sponsor Likelynote
Hiring Manager
Sandeep Soman
linkedin

Responsibilities

Plan and execute an internal and external penetration test over a one-week window, using a recognized methodology (e.g., PTES or NIST SP 800-115 equivalent)
Perform authenticated and unauthenticated testing as appropriate, including targeted exploitation of validated vulnerabilities discovered during reconnaissance and scanning
Adhere to least-disruptive practices and request Miami University’s account lockout policy in advance to prevent unnecessary disruption
Immediate Notification: For any Critical severity discovery (e.g., remote code execution, active compromise), notify the CISO and Internal Audit and Consulting Services (IACS) within four (4) hours of discovery. Provide a written summary describing:
Affected assets
Exploit vector and conditions
Potential impact and blast radius
Recommended immediate containment/mitigation steps
Comprehensive Report including:
Executive Summary for leadership and non-technical stakeholders
Technical Report for IT staff with detailed findings
Proof-of-Concept (PoC) evidence (screenshots, payloads redacted as necessary, commands, and reproducibility steps)
Risk ratings and prioritized recommendations
Mapping to industry frameworks (e.g., NIST and PTES controls and phases)
Formal Presentation of findings to IACS and the CISO upon completion
Conduct one (1) remediation retest within 90 days of the final report to validate fixes for all Critical and High findings. Provide an addendum report documenting retest results and residual risk
Use strong encryption in transit (e.g., TLS 1.2+ with modern cipher suites) and at rest (e.g., AES-256 or equivalent)
Ensure secure key management and restrict storage of University data to approved encrypted repositories
Limit access strictly to authorized, credentialed testers named in the engagement letter/SOW
Implement MFA and role-based access, with activity logging and least privilege
Securely delete all University-specific data within 30 days of final report acceptance in accordance with state-mandated retention requirements
Provide a written certificate of destruction upon completion

Qualification

OSCPGPENPTESNIST SP 800-115Penetration TestingData HandlingEncryptionVLAN TestingExecutive PresentationOperational SecurityThreat Landscape FamiliarityCommunication

Required

Lead Tester Certification: OSCP, GPEN, or equivalent technical penetration testing certification
Demonstrated testing approach aligned to PTES or NIST SP 800-115 (or equivalent industry-recognized standards)
3–5+ years in offensive security/penetration testing across enterprise/higher-ed or similarly complex environments
Proven track record executing scoped, time-boxed engagements with clear ROE and critical-issue escalation
Ability to produce executive-level summaries and deep technical documentation
Comfortable presenting to executive leadership, audit, and technical teams
Strong data handling, encryption, and operational security practices
Familiarity with common higher-ed threat landscape and operational constraints

Preferred

Experience with segmentation testing across large VLAN estates (1,000+ VLANs)
Familiarity with higher education IT governance and coordination with internal audit
Experience running safe exploit validation against public IP ranges (100+) and complex subdomain footprints (1,000+)
Familiarity with mapping findings to NIST CSF, NIST 800-53, CIS Controls, or similar frameworks

Company

V Group Inc.

twittertwittertwitter
company-logo
Since 1999, V Group Inc.
dateFounded in 1999
location
Cranbury, New Jersey, USA
people-size51-200 employees
web-link
http://www.vgroupinc.com

H1B Sponsorship

V Group Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1)
2024 (1)
2023 (3)
2022 (1)
2020 (1)

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Vijay Kumar Palandurkar
CEO
linkedin
Company data provided by crunchbase