Cybersecurity Pen Tester Engineer - Senior

Job Description

Position Summary
ECS is seeking a Cybersecurity Pen Tester Engineer - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, you will support Task 3 - Cybersecurity Operations Support by leading penetration testing and adversarial assessments of networks, systems, applications, and enclaves across the ARNG enterprise. You will develop test plans, rules of engagement, and exploitation methodologies; execute manual and automated testing; validate remediation through retesting; and produce technical reporting that informs risk decisions, mitigation planning, and overall cybersecurity posture. This position works closely with ENOCS cybersecurity operations, engineering, compliance, incident response, and RMF personnel to strengthen Defensive Cyberspace Operations - Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility.

This role directly supports a mission environment that delivers DoDIN services and cyber defense for more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The Cybersecurity Pen Tester Engineer - Senior contributes to protection of both classified and unclassified network environments that enable ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The position operates within a technical ecosystem that includes coordination with the NETCOM Global Cyber Center and DISA DCDC, and interfaces with enterprise cyber operations built around USIEM, EDR, IDS/IPS, eMASS, ACAS, STIG-aligned compliance activities, and DCO-focused monitoring and response processes.

Please Note: This position is contingent upon contract award.
Responsibilities

• Lead penetration testing and adversarial assessments of ARNG networks, systems, applications, and enclaves to evaluate enterprise security posture and identify exploitable weaknesses.
• Develop detailed test plans, rules of engagement, and exploitation methodologies aligned to DoD and ARNG cybersecurity policy, operational constraints, and RMF requirements.
• Execute advanced manual and automated exploitation activities against classified and unclassified environments, documenting attack paths, technical impacts, and risk implications.
• Validate remediation effectiveness through structured retesting and provide clear technical feedback to system owners, engineers, and cybersecurity operations personnel.
• Produce comprehensive technical reports and executive summaries that prioritize findings by risk, clearly describe vulnerabilities, and recommend practical mitigation strategies.
• Coordinate assessment activities with Task 3 cybersecurity operations teams to support DCO-IDM objectives across the DoDIN-Army-NG area of responsibility.
• Support cybersecurity reporting and risk decisions by aligning assessment results with eMASS documentation, POA&M development, and ongoing RMF compliance activities.
• Collaborate with SOC and monitoring teams that leverage USIEM, EDR, and IDS/IPS analytics to inform threat-informed testing, identify defensive gaps, and strengthen enterprise detections.
• Engage with stakeholders operating in coordination with the NETCOM Global Cyber Center and DISA DCDC to ensure testing activities support 24/7/365 cybersecurity engineering, operations, and vulnerability management objectives.

Required Skills

Required Qualifications
U.S. Citizenship is required

Security Clearance: Secret Eligible

Required Certifications: DCWF Work Role 631-Information Systems Security Developer - Intermediate proficiency; must hold ONE OR MORE of the following: SecurityX / CASP+, CCSP, Cloud+, CSC, GCLD, GCSA, GSEC

Experience: 7+ years of experience in cybersecurity

Education: Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering

• Demonstrated experience conducting penetration testing or adversarial assessments of enterprise networks, systems, applications, or enclaves.
• Demonstrated ability to develop rules of engagement, test plans, exploitation methodologies, and retest procedures for remediation validation.
• Experience producing technical assessment reports and executive-level summaries that clearly communicate findings, risk priorities, and mitigation recommendations.
• Experience assessing security posture in support of RMF-aligned environments, including documentation of findings for risk tracking and corrective action.
• Ability to coordinate effectively with cybersecurity operations, engineering, compliance, and incident response stakeholders in a large enterprise environment.
• Experience supporting vulnerability assessment activities within DoD or similarly regulated environments with STIG-aligned compliance expectations.
• Ability to evaluate both classified and unclassified environments while maintaining disciplined documentation and operational controls.

Desired Skills

Desired Qualifications
Security Clearance: Active Secret (preferred)

• Experience supporting Army, ARNG, or other DoD cybersecurity operations in environments spanning NIPRNet and SIPRNet enclaves.
• Familiarity with enterprise cyber operations environments that use USIEM, EDR, IDS/IPS, ACAS, and eMASS to support continuous monitoring and assessment activities.
• Experience coordinating penetration testing or security assessment activities with SOC, CIRT, RMF, or vulnerability management teams.
• Experience assessing large-scale distributed environments supporting geographically dispersed users, endpoints, and sites.
• Familiarity with MITRE ATT&CK-based analysis to frame adversary behavior, detection gaps, and defensive improvement opportunities.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

Everforth ECS is the federal segment of Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.

Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:

• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven