Senior Penetration Tester

DataStaff, Inc. is in need of a Senior Penetration Tester for a long-term contract opportunity with one of our direct clients in Raleigh, NC
*This position is hybrid
*Occasional statewide travel may be required
Responsibilities:

• Conduct authorized network & infrastructure penetration testing to identify, validate, & demonstrate security weaknesses.

• Plan and execute internal and external penetration tests for network and infrastructure environments
• Perform vulnerability identification, validation, and controlled exploitation
• Assess security posture across:
  • Network devices (firewalls, routers, switches)
  • On-premise servers and operating systems (Windows, Linux, Unix)
  • Active Directory and identity infrastructure
  • Remote access solutions and VPNs
  • Cloud environments (where applicable)
• Simulate advanced threat actor techniques, including:
  • Privilege escalation
  • Lateral movement
  • Credential compromise
  • Persistence mechanisms
• Evaluate security configurations and control effectiveness
• Conduct testing in accordance with approved Rules of Engagement
• Prepare and deliver formal penetration testing reports suitable for executive, audit, and technical audiences
• Support remediation validation and follow-up testing as required

Required Skills:

• 7 Years - Hands-on experience in penetration testing or offensive security
• 7 Years - Demonstrated expertise in network and infrastructure security testing
• 8 Years - Strong understanding of: TCP/IP, DNS, DHCP, VPN, firewalls, IDS/IPS, Windows and Linux system internals, Active Directory attack paths
• 7 Years - Advanced proficiency with penetration testing tools such as: Nmap, Nessus, Metasploit, Burp Suite, BloodHound, NetExec, PingCastel Analysis tools
• 7 Years - Experience producing standard penetration testing reports
• 7 Years - Familiarity with security frameworks and standards, including: NIST SP 800-53, 800-115, 800-61, MITRE ATT&CK, OWASP Testing Guide
• 7 Years - Experience working within regulated or high-security environments
• 5 Years - Strong understanding of legal, ethical, and compliance requirements for penetration testing

This position is available on a corp-to-corp basis or as a W2 position with a competitive benefits package. DataStaff, Inc. offers medical, dental and vision coverage options as well as paid vacation, sick and holiday leave. As many of our opportunities are long-term, we also have a 401k program available for employees after 6 months.