ECS

Penetration Testing Team Lead

ECS$170K — $190K *
US-AnywhereRemote in United States
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • 12+ years in offensive security with a focus on penetration testing and Red Team operations
  • Active Public Trust 6c clearance or ability to obtain one
  • One certification from OSCP, OSCE, GXPN, or CEH required
  • Hands-on experience in network, web application, AWS cloud, and API penetration testing
  • Strong knowledge of MITRE ATT&CK framework
  • Familiarity with NIST SP 800-115 and DHS RVA standards
  • Excellent written and verbal communication skills.

Responsibilities

  • Plan and lead Red Team and penetration testing engagements across federal systems
  • Oversee test planning, execution, and reporting, delivering actionable findings
  • Maintain penetration testing tools, ensuring operational readiness
  • Align engagements with NIST SP 800-115 and other federal guidelines
  • Lead advanced Purple Team engagements to improve defensive capabilities
  • Mentor junior penetration testers and evaluate new techniques and tools
  • Produce high-quality reports documenting findings and remediation recommendations.

Benefits

  • Collaborative work environment within a premier cybersecurity team
  • Opportunity to lead initiatives in a flagship federal project
  • Engage with advanced security techniques and state-of-the-art tools
  • Support from an established Security Operations Center (SOC)
  • Professional development through mentorship opportunities.
Full Job Description
Everforth ECS is seeking a Penetration Testing Team Lead who lives in close proximity to the National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.

Please Note: This position is contingent upon contract award.

Salary Range: $170,000 - $190,000

This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a key leader on this program, you will drive the protection of highly sensitive, national-level financial, and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.

As the Penetration Testing Team Lead, you will serve as the principal offensive security authority for the program - planning, directing, and executing advanced penetration testing and Red Team engagements across a large-scale federal civilian environment. Working closely with SOC, threat hunting, and security engineering teams. You will identify and exploit vulnerabilities before adversaries can validate the agency's defensive controls, and deliver clear, actionable reporting that drives measurable improvements in the agency's overall security posture.

Position Responsibilities:
  • Plan, coordinate, and lead Red Team and penetration testing engagements across federal systems, including network infrastructure, web applications, APIs, and cloud environments.
  • Oversee all aspects of test planning, execution, and reporting, ensuring engagements are thorough, well-documented, and deliver clear, actionable findings for both technical teams and senior government officials.
  • Maintain penetration testing and Red Team tools, including patches, upgrades, environmental configurations, and inventory management to ensure operational readiness across all engagements.
  • Ensure all engagements align with NIST SP 800-115, MITRE ATT&CK, and DHS Risk and Vulnerability Assessment (RVA) standards.
  • Lead and execute advanced Purple Team engagements in coordination with the SOC and threat hunting teams to validate detection coverage and improve defensive response capabilities.
  • Demonstrate expertise in multi-layer exploitation, with the ability to identify, chain, and execute attacks across network infrastructure, operating systems, web applications, APIs, and cloud platforms.
  • Mentor junior penetration testers, providing technical guidance, supporting skills development, and evaluating new tools and techniques for inclusion in the team's toolkit.
  • Produce high-quality penetration testing reports that clearly document findings, exploit chains, risk ratings, and remediation recommendations in language accessible to both technical and executive audiences.
  • Research emerging offensive techniques, adversary TTPs, and new tooling to ensure the team's methods remain current and representative of real-world threats.

Collaborate with vulnerability management, security engineering, and SOC teams to ensure penetration testing findings are tracked, prioritized, and remediated in a timely manner.

  • U.S. Citizenship required.
  • 12+ years of experience in offensive security, with demonstrated expertise in penetration testing and Red Team operations across complex federal or enterprise environments.
  • Remote but within close proximity to the NCR.
  • Active Public Trust 6c clearance, or the ability to obtain and maintain one.
  • At least one of the following certifications: OSCP, OSCE, GXPN, or CEH.
  • Hands-on experience with network, web application, AWS cloud, and API penetration testing across complex, large-scale environments.
  • Proficiency with offensive security tooling and the ability to adapt and develop custom techniques as required by the engagement.
  • Demonstrated ability to plan, manage, and execute penetration testing engagements from scoping through final reporting.
  • Strong knowledge of the MITRE ATT&CK framework and its practical application to adversary emulation and Red Team planning.
  • Familiarity with NIST SP 800-115 and DHS RVA standards for federal penetration testing engagements.
  • Excellent written and verbal communication skills, including strong technical writing ability and experience presenting findings to senior government officials.

About ECS

ECS is a leading provider of digital solutions and services to the federal government. The company was founded in 2001 by Roy Kapani and has since grown to become a trusted partner to a wide range of government agencies. ECS offers a broad range of services, including cloud computing, cybersecurity, and artificial intelligence. The company has been recognized for its innovative solutions and has won numerous awards, including the AWS Public Sector Partner of the Year award.
Learn more about ECS
Size
2,000 employees
Industry

Similar Jobs

More Jobs at ECS

More Information Technology Jobs

Find similar Penetration Testing Team Lead jobs: