Everforth ECS is seeking a
Penetration Testing Team Lead who lives in close proximity to the
National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.
Please Note: This position is contingent upon contract award.Salary Range: $170,000 - $190,000
This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a key leader on this program, you will drive the protection of highly sensitive, national-level financial, and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.
As the Penetration Testing Team Lead, you will serve as the principal offensive security authority for the program - planning, directing, and executing advanced penetration testing and Red Team engagements across a large-scale federal civilian environment. Working closely with SOC, threat hunting, and security engineering teams. You will identify and exploit vulnerabilities before adversaries can validate the agency's defensive controls, and deliver clear, actionable reporting that drives measurable improvements in the agency's overall security posture.
Position Responsibilities:- Plan, coordinate, and lead Red Team and penetration testing engagements across federal systems, including network infrastructure, web applications, APIs, and cloud environments.
- Oversee all aspects of test planning, execution, and reporting, ensuring engagements are thorough, well-documented, and deliver clear, actionable findings for both technical teams and senior government officials.
- Maintain penetration testing and Red Team tools, including patches, upgrades, environmental configurations, and inventory management to ensure operational readiness across all engagements.
- Ensure all engagements align with NIST SP 800-115, MITRE ATT&CK, and DHS Risk and Vulnerability Assessment (RVA) standards.
- Lead and execute advanced Purple Team engagements in coordination with the SOC and threat hunting teams to validate detection coverage and improve defensive response capabilities.
- Demonstrate expertise in multi-layer exploitation, with the ability to identify, chain, and execute attacks across network infrastructure, operating systems, web applications, APIs, and cloud platforms.
- Mentor junior penetration testers, providing technical guidance, supporting skills development, and evaluating new tools and techniques for inclusion in the team's toolkit.
- Produce high-quality penetration testing reports that clearly document findings, exploit chains, risk ratings, and remediation recommendations in language accessible to both technical and executive audiences.
- Research emerging offensive techniques, adversary TTPs, and new tooling to ensure the team's methods remain current and representative of real-world threats.
Collaborate with vulnerability management, security engineering, and SOC teams to ensure penetration testing findings are tracked, prioritized, and remediated in a timely manner.
- U.S. Citizenship required.
- 12+ years of experience in offensive security, with demonstrated expertise in penetration testing and Red Team operations across complex federal or enterprise environments.
- Remote but within close proximity to the NCR.
- Active Public Trust 6c clearance, or the ability to obtain and maintain one.
- At least one of the following certifications: OSCP, OSCE, GXPN, or CEH.
- Hands-on experience with network, web application, AWS cloud, and API penetration testing across complex, large-scale environments.
- Proficiency with offensive security tooling and the ability to adapt and develop custom techniques as required by the engagement.
- Demonstrated ability to plan, manage, and execute penetration testing engagements from scoping through final reporting.
- Strong knowledge of the MITRE ATT&CK framework and its practical application to adversary emulation and Red Team planning.
- Familiarity with NIST SP 800-115 and DHS RVA standards for federal penetration testing engagements.
- Excellent written and verbal communication skills, including strong technical writing ability and experience presenting findings to senior government officials.