Job Description

Red Team Penetration Tester

Our client, a large veteran-owned federal contractor is seeking A Red Team Penetration Tester for a long-term DoD program in Virginia Beach, VA. As a Red Team Offensive Penetration Tester you will bring extensive experience in COMSEC management, tactical network configuration, and collaboration with cross-functional personnel to maintain secure communications capabilities in support of critical operations.

Responsibilities:

- Develop, modify, and utilize offensive security tools such as Metasploit, NMAP, Kali Linux, and Cobalt Strike
- Mimic threat actor behavior using TTPs aligned with frameworks like MITRE ATT&CK
- Conduct assessments across multiple operating systems including Linux, Windows, and macOS
- Perform exploit development and identify zero-day or previously unknown vulnerabilities
- Analyze, identify, and remediate gaps in offensive tools and development techniques
- Perform development with at least two scripting or programming languages (Python, C+, Java, Rust, Assembly, C#, etc.) in support of exploit development

This is a proposal effort and the award is expected October 2025. Selected candidates will be asked to sign a Letter of Intent (LOI).

Required Skills

- Must be US Citizen due to client requirement
- Must have an active TS/SCI Clearance

Required:

- Minimum 10 years with BS/BA (4 years of additional related experience may be considered in lieu of Bachelors)
- In-depth understanding of computer security, military system specifications, and DoD cybersecurity policies
- Ten (10) years of full-time professional experience conducting penetration testing and/or offensive Cyber operations including demonstrated experience in each of the following areas:
- Developing and utilizing penetration tools such as Metasploit, NMAP, Kali Linux, Cobalt Strike
- Mimicking threat behavior and adversary emulation
- Utilizing various operating systems (Linux, Windows, MAC OS)
- Utilizing Active Directory
- Performing exploit development
- Identifying gaps in tools and development techniques
- Performing development with at least two scripting or programming languages (python, C+, Java, Rust, Assembly, C#, etc.)

- Must possess one or more of the following DoD 8570.01-M CSSP Auditor certifications:
CEH
CySA+
CISA
GSNA
CFR
PenTest+

- Must possess Offensive Security Certified Professional (OSCP) certification
- Must possess one or more of the following certifications:
Offensive Security Certified Expert (OSCE)
Offensive Security Exploitation Expert (OSEE)
Offensive Security Wireless Professional (OSWP)

Apply Now

Job Tags

Full time, For contractors,

Similar Jobs