Koniag IT Systems, LLC, a Koniag Government Services company, is seeking a Penetration Testing Lead to support KITS and our government customer in Washington, DC. This position is for a Future New Business Opportunity.
The customer may need support as needed at other locations: Warrenton, VA, Atlantic City, NJ, Melbourne, FL, Oklahoma, OK and Leesburg, VA.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
We are seeking an experienced Penetration Testing Lead to conduct advanced penetration testing activities, simulate cyberattacks, and evaluate the security posture of systems, networks, and applications. The Penetration Testing Lead will analyze vulnerabilities, identify gaps in IT security policies and configurations, and deliver actionable recommendations to reduce organizational cyber risk. This role requires a highly technical leader with demonstrated experience in offensive and defensive cybersecurity operations and penetration testing methodologies.
Essential Functions, Responsibilities & Duties may include, but are not limited to:- Perform penetration testing and vulnerability assessments of systems, networks, and applications.
- Provide detailed analysis of discovered vulnerabilities, gaps, and risks, including assessment of patching and mitigation strategies.
- Act as an ethical attacker (red team) to simulate cyber intrusions, or as defensive cybersecurity personnel (blue team) to strengthen system resilience.
- Develop penetration testing Rules of Engagement (ROE), test plans, and reports.
- Execute tests in alignment with specifications, requirements, and cybersecurity guidance.
- Provide technical expertise on penetration testing tools, cyber ranges, and simulation environments.
- Recommend remediation actions to lower overall risk exposure.
- Lead, supervise, and coordinate penetration testing teams and activities.
Required Qualifications:- Bachelor's degree in Cyber Security, Computer Science, Information Technology, Engineering, Mathematics, or Physics from an accredited institution.
- Eight (8) years of experience performing penetration testing or related responsibilities described in this position.
- At least two (2) years of relevant experience must be recent (performed within the last three years).
- Five (5) years of management and supervisory experience within the required experience timeframe
- Two (2) of those five (5) years must have been in a lead role.
- At least one (1) of the following Red Teaming or Blue Teaming certifications:
Red Teaming Certifications:- Offensive Security Certified Professional (OSCP)
- Offensive Security Certified Expert (OSCE)
- Offensive Security Wireless Professional (OSWP)
- Offensive Security Web Expert (OSWE)
- Certified Ethical Hacker (CEH)
- EC Council Certified Security Analyst (ECSA)
- CEH Practical
- ECSA Practical
- Licensed Penetration Tester (LPT) Master
- GIAC Certified Incident Handler (GCIH)
- GIAC Penetration Tester (GPEN)
- GIAC Web Application Penetration Tester (GWAPT)
- GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
- GIAC Assessing and Auditing Wireless Networks (GAWN)
Blue Teaming Certifications:- Certified Network Defender (CND)
- Certified Network Defense Architect (CNDA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Defending Advanced Threats (GDAT)
- GIAC Defensible Security Architecture (GDSA)
- GIAC Certified Enterprise Defender (GCED)
- GIAC Certified Forensic Analyst (GCFA)
Preferred Qualifications:- Experience supporting federal agencies or regulated cybersecurity environments.
- Knowledge of NIST security controls, RMF, cyber ranges, and penetration testing methodologies.
- Strong communication, reporting, and documentation skills.
