Lead Penetration Tester

Emerald Technical Solutions

$150K — $160K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, IT, Computer Science, or related field (or equivalent experience).
  • 5+ years of hands-on penetration testing experience in enterprise environments.
  • Experience operating under formal Rules of Engagement and written authorization processes.
  • Proficient in producing detailed technical assessment reports and executive-level summaries.
  • Strong understanding of network, web application, and system security vulnerabilities.
  • Experience in federal or regulated environments with strict documentation requirements.
  • Excellent written and verbal communication skills for both technical and non-technical audiences.

Responsibilities

  • Conduct authorized penetration tests on FAA/DOT systems and networks per approved scope.
  • Perform no-knowledge or limited-knowledge assessments under Government supervision.
  • Document and update penetration testing processes and procedures.
  • Develop detailed Penetration Testing Project Management Plans.
  • Produce comprehensive Penetration Testing Reports of Findings with executive summaries and vulnerability analysis.
  • Generate weekly status reports meeting government-required formats.
  • Coordinate with system owners and SOC teams to validate findings and aid remediation efforts.
  • Support Red/Blue Team exercises and incident response planning, including scenario development and analysis.

Benefits

  • Competitive compensation package and benefits.
  • Professional development and certification opportunities.
  • Collaborative and supportive team environment.

Full Job Description
Position Title: Lead Penetration Tester
Position Type: Full Time Employee
Location: Hybrid (Leesburg & Remote)
Clearance Requirement: Secret

Position Overview
The Senior Penetration Tester supports the FAA Office of Information Security & Privacy Service (AIS) Cybersecurity Operations program. This role is responsible for executing authorized penetration testing activities across FAA/DOT systems and networks, documenting processes and procedures, producing required reports and deliverables, and supporting Red/Blue Team and incident response exercises from an offensive perspective.
The position operates within a controlled federal environment requiring strict adherence to Rules of Engagement (RoE), written authorizations, evidence handling requirements, and coordination with system owners, SOC analysts, and government stakeholders.

Key Responsibilities
  • Conduct authorized penetration testing activities against FAA/DOT systems and networks in accordance with approved scope and Rules of Engagement.
  • Perform no-knowledge and/or limited-knowledge assessments under Government supervision.
  • Document, maintain, and update penetration testing processes and procedures.
  • Develop Penetration Testing Project Management Plans outlining targets, schedules, staffing assignments, and status.
  • Produce comprehensive Penetration Testing Reports of Findings including executive summaries, methodologies, vulnerabilities identified, risk impacts, and remediation recommendations.
  • Generate weekly status reports in accordance with government-required format and timelines.
  • Capture, retain, and manage logs and artifacts of all manual and automated testing activities for audit and forensic purposes.
  • Coordinate with system owners and SOC teams to validate findings and support remediation efforts.
  • Support Red/Blue Team exercises and incident response plan (IRP) exercises, including attack scenario development, execution, and post-exercise analysis.
  • Evaluate and support integration or operational use of penetration testing tools as authorized.

Required Qualifications
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
  • 5+ years of hands-on penetration testing experience in enterprise environments.
  • Demonstrated experience operating under formal Rules of Engagement and written authorization processes.
  • Experience producing detailed technical assessment reports and executive-level summaries.
  • Strong understanding of network, web application, and system security vulnerabilities and exploitation techniques.
  • Experience supporting federal or regulated environments with strict documentation and compliance requirements.
  • Strong written and verbal communication skills with the ability to brief technical and non-technical stakeholders.

Preferred Qualifications
  • Experience supporting federal cybersecurity programs (FAA, DOT, DoD, or similar).
  • Experience participating in Red/Blue Team exercises and incident response simulations.
  • Familiarity with NIST 800-115 and other federal security testing guidance.
  • Relevant certifications such as OSCP, GPEN, CEH, CISSP, or similar.
  • Experience assessing cloud or hybrid environments.

Benefits
  • Competitive compensation package and benefits.
  • Salary range: $150K - $160K.
  • Professional development and certification opportunities.
  • Collaborative and supportive team environment.
