June 25, 2026For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above. It's a better process: facilitating a continuous ATO through real-time monitoring and dashboards that provide single pane of glass visibility into control compliance, zero-trust built-in to system design from day one, continuous evidence that gives auditors real-time proof instead of point-in-time packages, and an ATO that program teams can inherit rather than pursue.
Washington, DC16 days ago
p>As a Penetration Tester III at Revolutional, you are a senior offensive security practitioner with the range to operate across network, application, cloud, mobile, and IoT environments — and the experience to lead the engagements, not just execute them. You plan and conduct Red Team operations, High Value Asset assessments, and continuous penetration testing programs against complex federal infrastructure, and you produce findings that drive real security improvements.
li>Work closely with development teams, product managers, and customer success teams to ensure successful delivery of consulting services or product implementation projects and remove roadblocks . TestPros considers several factors when extending an offer, including but not limited to, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, geographic location, education, and certifications.
Advanced Penetration Testing Expertise: Proven experience leading and conducting complex penetration tests in enterprise or federal environments, including adversary emulation, red team-style assessments, and validation of security controls against advanced threats. Technical Proficiency in Offensive Security Tooling: Hands-on experience with tools such as Kali Linux, Metasploit, Burp Suite Pro, Cobalt Strike, Nmap, Nessus, BloodHound, Impacket, and other offensive security platforms used for enumeration, exploitation, and reporting.
Arlington, Virginia30+ days ago
li>Possess one of the following certifications, OR be able to obtain before start date:
Arlington, VA30+ days ago
As the worlds leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Common application vulnerabilities and exploits such as outdated components, permissions mis-configurations, lack of input validation, logging/monitoring failures, etc.
li>Possess one of the following certifications, OR be able to obtain before start date:
CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, SCYBER, Security+ CE, SSCP. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies.
Arlington, Virginia17 days ago
li>Possess one of the following certifications, OR be able to obtain before start date:
div class="content-intro">SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider headquartered in Dulles, Virginia with operations across the U.S. We provide innovative enterprise-wide solutions as well as targeted services addressing the complex challenges faced by our federal government clients.
SkyePoint Decisions is seeking a Penetration Tester to support the Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective, and secure business processes.
p>JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
Arlington, VA30+ days ago
Included in the S&P 500 Index and the NASDAQ 100, CoStar Group is on a mission to digitize the worlds real estate, empowering all people to discover properties, insights and connections that improve their businesses and lives. Collaborate with detection engineering and incident response on purple team exercises, validating that preventative and detective controls behave as expected against realistic adversary techniques.
McLean, Virginia12 days ago
Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at.
Total Rewards at GDIT:.
div class="content-conclusion">Requirements of position: Think analytically, effective verbal and written communication skills, make decisions, observe/remember details, interpret data, concentrate on tasks, adjust to change, handle stress/emotions. Our talented employee-owners provide agile, scalable services and solutions that solve operational gaps, operate critical systems, and protect and secure the enterprise – across the organization and around the world..
Alexandria, Virginia30+ days ago
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. Certifications: Holds or is working toward penetration testing and offensive security certifications appropriate for DoD environments, such as CEH, PenTest+, GPEN, OSCP, or equivalent DoD 8570/8140-approved cybersecurity certifications.
p>Certifications DoD 8570 IAM Level III Baseline Certification: Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Certified Chief Information Security Officer (CCISO) Must hold a penetration testing certification, such as: Licensed Penetration Tester (LPT) Certified Expert Penetration Tester (CEPT) Certified Ethical Hacker (CEH) GIAC Penetration Tester (GPEN) OR have a minimum of eight (8) years of penetration testing experience. "Technology moving at the speed of thought" embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.
Ashburn, Virginia23 days ago
div>The U.S. Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a U.S. Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.
Responsible for managing the team of Penetration Testers, penetration tests, the scheduling and coordination of pentests,
Lead and execute advanced penetration testing, purple team engagements, and red team engagements across complex enterprise environments, including internal/external network infrastructure, Active Directory domains, APIs, hybrid cloud architectures, and on-prem systems.
li>Support Network Assistance Visits and Persistent Penetration Testing events under senior guidance; perform validation tasks during Network Damage Assessments to check for compromise indicators. Candidate must meet ONE of the following:
Bachelor's degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR.
Herndon, Virginia30+ days ago
li>Candidate must meet ONE of the following:
- Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR.
- Support Network Assistance Visits and Persistent Penetration Testing events under senior guidance; perform validation tasks during Network Damage Assessments to check for compromise indicators.
Offensive Security Certified Professional (OSCP), HTB Certified Penetration Tester Specialist (CPTS), eLearn Security Junior Penetration Tester (EJPT), GIAC Global Information Assurance Penetration Tester (GPEN), or GIAC Cloud Penetration Tester Certification. Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role.
Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role. Apply security testing and penetration testing techniques and mindset to a wide range of projects, become part of a team of security enthusiasts that perform cutting-edge research, and promote an environment of innovation and knowledge sharing.
This role supports critical national security missions by identifying vulnerabilities, emulating real-world adversaries, and strengthening defensive cyber capabilities across enterprise, cloud, mobile, IoT, and High Value Asset (HVA) systems. You will lead technical engagements, drive red team operations, and collaborate closely with SOC, incident response, and engineering teams to ensure findings translate into measurable security improvements.
li>Required experience and skills:
Offensive security, red‑team, or penetration testing experience with at least 3 years leading complex, high‑impact assessments in enterprise or DoD environments.
- Plan and lead advanced penetration testing operations (Network Assistance Visits, Persistent Penetration Testing) to emulate adversary threat models against Army networks.
Herndon, Virginia30+ days ago
li>Required experience and skills:
Washington, DC30+ days ago
JPMorganChase, one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.
If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com. From strategy to execution, the Government & Public Sector practice ("GPS") of Ernst & Young provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes.
This Federal Strategic Cyber program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical and administrative support to aid and advise the Cyber & Technology Security (CTS) Directorate. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies.
Arlington, VA30+ days ago
p>This Federal Strategic Cyber program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical and administrative support to aid and advise the Cyber & Technology Security (CTS) Directorate. Either possess or obtain prior to start date ONE of the following certifications:
CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, or SCYBER.
Arlington, Virginia30+ days ago
p style="margin:0px">This Federal Strategic Cyber program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical and administrative support to aid and advise the Cyber & Technology Security (CTS) Directorate. Either possess or obtain prior to start date ONE of the following certifications:- CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, or SCYBER.
Arlington, Virginia25 days ago
p style="margin:0px">This Federal Strategic Cyber program encompasses technical, engineering, data analytics, cyber security, management, operational, logistical and administrative support to aid and advise the Cyber & Technology Security (CTS) Directorate. Must possess and maintain ONEof the listed certifications below: - CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, or SCYBER.
p>arrow-right Missions arrow-right Civil Government arrow-right Commercial arrow-right Cyber Fusion Centers arrow-right Cybersecurity Strategy arrow-right Incident Response arrow-right Defense arrow-right Energy Resources & Utilities arrow-right Health arrow-right Homeland Security & Law Enforcement arrow-right Intelligence arrow-right International arrow-right Asia Pacific arrow-right Europe arrow-right Space arrow-right Transportation. arrow-right Careers arrow-right Search Jobs arrow-right Teams & Missions arrow-right Life at Booz Allen arrow-right Benefits Flexibility Professional Development arrow-right Locations arrow-right Recruiting & Networking Events arrow-right Military Talent arrow-right University Talent arrow-right Candidate Resources arrow-right Returning Applicants.
Application Penetration Tester - NC, TX, MN, AZ, iA, OH, TX, DC StratAcuity Staffing Partners Inc
Application Penetration Tester - NC, TX, MN, AZ, iA, OH, TX, DCDC17 days ago
p>Job Summary: In this contingent resource assignment, you may: Consult on or participate in moderately complex initiatives and deliverables within Cyber Security Research and contribute to large-scale planning related to Cyber Security Research deliverables. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA.
Chantilly, VA30+ days ago
p>Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. • Knowledge of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open source exfiltration techniques.
You will shape engagement strategy and uncover real‑world attack paths across ICS/OT networks through hands‑on exploitation and deep technical analysis, working closely with customers across critical infrastructure sectors such as oil and gas, electric, water treatment, and manufacturing. About the Role: Our Professional Services Team is seeking Associate Principal OT Penetration Tester who will provide technical leadership across vulnerability assessments, penetration testing, and adversary emulation activities supporting customer services engagements.
Chantilly, Virginia30+ days ago
p>Pay Range: There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications.
Knowledge of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open source exfiltration techniques.
5-7 years of relevant experience in IT Security Hands-on experience with Cloudflare implementing API security Understanding of cryptography concepts: hashing, signing, symmetric/asymmetric encryption and decryption, etc. Working knowledge of networking, (routing, DNS, common ports, protocols, and firewalls) Our client is a leading Banking Industry, and we are currently interviewing to fill this and other similar contract positions.
Specific experience (1-3 years for T3) or (3-5 years for T4) in at least 1 of the following specialties: Network pentesting Web application pentesting Active directory pentesting Mobile application pentesting Cloud infrastructure pentesting RF pentesting Experience with 1-3 (T3) 3-5(T4) of the tools listed below: Kali Linux Metaspoilt Burp suite pro Cobalt Strike / Sliver Tenable Nessus Tenable Security Center Bloodhound BladeRF / HakRF Hak5 equipment Wireshark / tcpdump Prowler Scoutsuite Core Certifications: At least one pentesting certification: OSCP GPEN CRTO OSWP GWAPT AWS Solutions Architect Associate Clearance: In addition to specific security clearance requirements all CBP SOC employees are required to successfully complete a CBP Background Investigation to support this program Preferred Qualifications: CISSP GISF GXPN OSCE OSEE AWS Certified Security - Specialty Certified Kubernetes Administrator (CKA) Ability to brief senior government leadership on pentesting requirements and results Red Team operator experience Experience creating and updating SOPs Analytical and Problem-Solving Skills Communication SkillsIf you''re looking for comfort, keep scrolling. Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.
div>The pay range for the states of California, Colorado, Hawaii, Illinois, Maine, Maryland, Massachusetts, Minnesota, New Jersey, New York, Vermont, Virginia, Washington, and the District of Columbia, and the city of Cleveland is:
$106,300—$221,100 USD
What We Believe
As a company wholly dedicated to serving the US federal government, we bring together the best talent to help reinvent how federal agencies operate and deliver greater value for their mission and the American people. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.
If you are being considered for employment opportunities with Accenture Federal Services and need an accommodation for a disability or religious observance during the interview process or for the job you are interviewing for, please speak with your recruiter.
Other Employment Statements
Applicants for employment in the US must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the United States.
Candidates who are currently employed by a client of Accenture Federal Services or an affiliated Accenture business may not be eligible for consideration.
p>The Penetration Tester executes structured offensive security assessments across WDP''s classified and unclassified environments under senior testing leadership, validating the security posture of mission-critical network infrastructure, web applications, cloud components, and operational data platform services spanning NIPRNet, SIPRNet, and JWICS. This role directly supports WDP''s Risk Management Framework compliance obligations, Authorization to Operate activities, and continuous monitoring requirements by delivering technically rigorous, evidence-based findings that enable timely remediation and strengthen the platform''s defense-in-depth posture.
Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role. The Opportunity: As a member of the Booz Allen internal Red Team, you'll lead enterprise and system-focused network and penetration assessments to identify security risks within applications, security controls, and network infrastructure.
HII - Mission Technologies is currently seeking a SME Information System Security Manager (ISSM) to work out of Fairfax, VA in support of the DoD/DoW Advana War Data Platform designed to aggregate operational, intelligence, logistics, and sensor data from multiple domains, enable Joint All-Domain Command and Control (JADC2) by providing a common data fabric, and support AI/ML applications for predictive analytics, targeting, and mission planning. • 15 years relevant experience with Bachelors in related field; 13 years relevant experience with Masters in related field; 10 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 19 years relevant experience.
HII - Mission Technologies is currently seeking a Senior Zero Trust Compliance Officer to work out of Fairfax, VA in support of the DoD/DoW Advana War Data Platform designed to aggregate operational, intelligence, logistics, and sensor data from multiple domains, enable Joint All-Domain Command and Control (JADC2) by providing a common data fabric, and support AI/ML applications for predictive analytics, targeting, and mission planning. • 10 years relevant experience with Bachelors in related field; 7 years relevant experience with Masters in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience.
HII - Mission Technologies is currently seeking an Intermediate-level Supply Chain Risk Management (SCRM) Audit Analyst to work out of Fairfax, VA in support of the DoD/DoW Advana War Data Platform designed to aggregate operational, intelligence, logistics, and sensor data from multiple domains, enable Joint All-Domain Command and Control (JADC2) by providing a common data fabric, and support AI/ML applications for predictive analytics, targeting, and mission planning. Our capabilities in cybersecurity, network architecture, reverse engineering, software and hardware development uniquely enable us to support sensitive missions for the U.S. military and federal agency partners.
Springfield, VA30+ days ago
Designs and implements information assurance and security engineering systems with requirements of business continuity, operations security, cryptography, forensics, regulatory compliance, internal counter-espionage (insider threat detection and mitigation), physical security analysis (including facilities analysis, and security management). Desired certifications or training: Intermediate to Advanced Spunk certifications (e.g., Splunk Enterprise Security Certified Admin, Splunk IT Service intelligence certified admin, Splunk SOAR Certified Automation Developer) Ansible, or equivalent CND-related coursework.
p>This is an opportunity to develop attack vectors, conduct reconnaissance, collect open-source intelligence, enumeration, and foot-printing of target platforms, networks, and services, and develop exploit payloads and system backdoors to identify vulnerabilities or weaknesses. In this role, you'll be instrumental in conducting penetration testing activities such as reverse shell, SQL injections, social engineering, buffer overflows, trojan horses, password cracking tools and techniques, and privilege escalation.
Falls Church, Virginia10 days ago
li>Technical Knowledge: Expert knowledge of penetration testing methodologies (PTES, OWASP, NIST 800-115), network protocols, web applications, exploitation techniques, security controls. This role leads penetration testing engagements, develops testing methodologies, coordinates with system owners, and produces comprehensive penetration testing reports.
This is a unique opportunity to utilize a kill chain process to thwart Advanced Persistent Threats (APT) and implement cutting-edge technologies like Zero Trust Architecture, AI/ML risk mitigation, and Post-Quantum Computing readiness. Our team provides comprehensive 24/7 security services supporting an expansive network across LANs, WANs, and advanced Cloud-based infrastructures.