Senior Penetration Tester (part-time) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Information Systems Solutions, Inc. · 16 hours ago

Senior Penetration Tester (part-time)

positionCharleston,SC,US
timeFull-time, Part-time
remoteOnsite
senioritySenior Level
date5+ years exp

Information Systems Solutions, Inc. (ISS) is seeking an experienced Senior Penetration Tester to join their Security Control Assessment (SCA) team in support of the National Science Foundation (NSF). In this role, you will lead advanced security testing and risk assessment activities across enterprise systems, infrastructure, and cloud environments, evaluating security controls against NIST standards and providing actionable risk guidance.

Information ServicesInformation TechnologySoftware
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Assessment of security policies, procedures and processes against NIST standards
Review of System Security Plans to report on compliance throughout the organization
Provide Quarterly Reports of system security metrics
Collaborate with other SCA Team Members to assess the Confidentiality, Integrity and Availability of systems
Advise Program Management on risk levels and security posture
Recognize possible security violations and takes appropriate action to report the incident, as required
Ensure cybersecurity security requirements are appropriately identified in system environment operation procedures and collect and maintain data needed to meet system IA reporting requirements
Evaluate system POA&Ms, tracking milestones
Prepare Risk Assessment Reports related to Pen Testing Activities
Conduct Red Team, Purple Team activities using government approved toolsets

Qualification

Penetration TestingOffensive SecurityNetworkingApplication SecurityBurp SuiteMetasploitNmapNessusPythonOWASP Top 10Offensive Security CertificationsBashPowerShellJavaScriptSecurity ReportsCybersecurity ToolsCI/CDDevSecOps

Required

Clearance Level: Secret
Certifications (IAT Level II): One of the following: Security+ CE, GIAC Security Essentials Certification (GSEC), Security Certified Network Professional (SCNP), System Security Certified Practitioner (SSCP)
5+ years of hands-on penetration testing or offensive security experience
Strong understanding of networking, operating systems, and application security
Extensive experience with tools such as Burp Suite, Metasploit, Nmap, Nessus, and custom tooling
Proficiency in scripting or programming (Python, Bash, PowerShell, JavaScript, etc.)
Deep knowledge of OWASP Top 10, common attack vectors, and exploitation techniques
Proven ability to write high-quality security reports and communicate risk effectively
Knowledge of cybersecurity tools

Preferred

Offensive security certifications (OSCP, OSCE, CRTO, GPEN, etc.)
Experience with CI/CD and DevSecOps environments

Benefits

Fully vested 401(k) matching program
Coverage of family medical deductibles
Spot bonuses
Educational assistance to further your career

Company

Information Systems Solutions, Inc.

twittertwitter
company-logo
ISS is an innovative information technology (IT) services and solutions provider to the Department of Defense (DoD) and other federal government agencies.
dateFounded in 1997
location
Rockville, Maryland, USA
people-size201-500 employees
web-link
https://issits.com/

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Brian Buran
Chief Operating Officer
linkedin
Company data provided by crunchbase