We are seeking a highly skilled and proactive Penetration Testing SME to join our Cybersecurity team. As a Penetration Testing SME, you will play a critical role in protecting our clients' infrastructure and data by identifying, testing, and validating security weaknesses across networks, systems, applications, and cloud environments. You will work closely with security engineers, incident responders, system owners, and other stakeholders to assess risk, recommend remediation strategies, and strengthen overall defensive posture. This role also requires the ability to train, mentor, and upskill analysts and team members in penetration testing methodologies, offensive security techniques, and adversary tradecraft.
Required Skills: The candidate shall be able to:
- Conduct advanced penetration testing across enterprise and government environments, including network, web application, wireless, and internal/external assessments
- Perform authorized exploitation and post-exploitation activities to validate risk and demonstrate real-world attack impact
- Develop and execute penetration testing methodologies, tactics, techniques, and procedures aligned with industry best practices
- Analyze security architectures, configurations, and controls to identify gaps and provide actionable remediation recommendations
- Produce clear, comprehensive technical reports and executive summaries outlining findings, risk, and mitigation strategies
- Collaborate with blue teams, incident responders, system owners, and developers to improve security posture and validate remediation efforts
- Stay current on adversary tactics, emerging vulnerabilities, and offensive security trends to continuously enhance testing capabilities
- Provide technical leadership and oversight for penetration testing activities across the team
- Train, mentor, and develop junior analysts through hands-on instruction, workshops, and knowledge-sharing sessions
- Guide team members on offensive tools, methodologies, reporting standards, and operational best practices
Desired Skills: - Advanced Penetration Testing Expertise: Proven experience leading and conducting complex penetration tests in enterprise or federal environments, including adversary emulation, red team-style assessments, and validation of security controls against advanced threats
- Technical Proficiency in Offensive Security Tooling: Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration, exploitation, and reporting
- Training and Mentorship Experience: Demonstrated ability to train analysts and junior personnel in penetration testing concepts, offensive tooling, attack lifecycle methodology, and reporting standards
- Application and Infrastructure Security Knowledge: Strong understanding of web application security, Active Directory exploitation, privilege escalation, lateral movement, cloud security testing, and common attack vectors affecting modern enterprise environments
- Analytical and Collaborative Mindset: Strong ability to analyze complex environments, simulate realistic attack scenarios, and work closely with defenders, engineers, and leadership to improve security controls and reduce organizational risk
Qualifications: - 10+ years of experience in penetration testing, red teaming, or offensive cybersecurity operations
- Hands-on experience using industry-standard penetration testing and vulnerability assessment tools (e.g., Burp Suite, Metasploit, Nmap, Nessus, BloodHound, etc.)
- Demonstrated experience conducting exploitation, privilege escalation, and lateral movement in authorized environments
- Experience training, mentoring, or leading analysts in cybersecurity or offensive security disciplines
- Strong understanding of common cyber threats, attack vectors, and adversary tactics (MITRE ATT&CK, etc.)
- Bachelor's degree in computer science, Cybersecurity, or related field (or equivalent experience)
- Relevant certifications such as OSCP, OSCE, GPEN, GXPN, CISSP, or GIAC preferred
- Active Top-Secret Clearance (SCI Eligible) preferred
Vibrint's comprehensive compensation package includes but is not limited to: competitive salary; annual merit-based salary increases and discretionary bonus program; 401(k) plan with a company contribution; 11 paid federal holidays; 160 hours of paid time off; medical, dental, vision, life and short- & long-term disability insurance; employee assistance program; and a generous professional development allowance.
Please apply for immediate consideration.
