Lead Penetration Tester

    • BAE Systems
  • Annapolis Junction, MD
  • Posted 30 days ago | Updated 6 hours ago


On Site
USD 126,610.00 - 215,270.00 per year
Full Time


Test-driven development
Certified Ethical Hacker
Information system security
Development testing
Automated testing
Intrusion detection
Information systems
Risk assessment
Social engineering
Incident management
Web development
Programming languages
IT security
Web applications
Burp suite
Information security
Information Technology
Customer support
Intelligence analysis
Systems engineering
System integration
Penetration testing
Software development
Windows PowerShell
Programmable logic controller
Adobe AIR

Job Details

Job Description
The selected candidate will join a high performing agile team that uses the Scaled Agile Framework (SAFe) methodology to support a nationally significant and fast-paced program. Program execution follows DEVOPS best practices and employs robust development, test and production environments. Test Driven Development (TDD) and test automation tools are utilized alongside a full suite of team collaboration tools. The program is focused on injecting new technology and adding advanced capabilities in support of an on-going operational system.

Job Summary
A Lead Penetration Tester is needed to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology. The selected candidate will work on a team of cyber Subject Matter Experts (SMEs) who are providing support to a large, complex technical program for preventing, identifying, containing and eradicating cyber threats to networks through monitoring, intrusion detection and protective security services on information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connections, public facing websites, security devices, servers and workstations. She/he will be responsible for the overall security of Enterprise-wide information systems, and will collect, investigate, and report any suspected and confirmed security violations.

Primary Responsibilities
  • Perform internal and external pentest against systems to determine vulnerabilities and offer mitigation strategies.
  • Perform web app pentests.
  • Perform vulnerability risk assessment.
  • Perform physical pentests and social engineering.
  • Perform cyber incident response as needed for programs.


Required Education, Experience, & Skills
  • Must have experience in web development and programming languages such as Java, XML, Perl and HTML.
  • Must have extensive experience performing IT security risk assessments.
  • Must have experience performing web app and physical pentests.
  • Experience with programming/scripting in Python, Powershell, C, JavaScript, etc.
  • Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective.
  • Must have experience with or strong familiarity of Kali.
  • Must have experience with or strong familiarity of IPS/IDS solutions.
  • Must have a strong understanding of the Cyber Kill Chain methodology.
  • Must have the ability to effectively collaborate with technical staff and customers when necessary to forming strategies and plan for continuous modernization and legacy integration.
  • Must have experience managing multiple projects and quickly and effectively adjusting to shifting priorities and resolving issues.

Preferred Education, Experience, & Skills
Preferred Qualifications
  • BS in a related field and at least 8 years of relevant experience
  • Certifications in one or more of the following areas:
    • GIAC Web Applications Penetration Tester (GWAPT)
    • GIAC Penetration Tester (GPEN)
    • Certified Ethical Hacker (CEH)
    • Certified Information Security Manager (CISM)
    • Certified Web Application Defender (GWEB)
    • Certified Information System Security Professional (CISSP)

Pay Information
Full-Time Salary Range: $126610 - $215270

Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.

Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.

About BAE Systems Intelligence & Security
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. At BAE Systems, we celebrate the array of skills, experiences, and perspectives our employees bring to the table. For us, differences are a source of strength. We're laser-focused on high performance, and we work hard every day to nurture an inclusive culture where all employees can innovate and thrive. Here, you will not only build your career, but you will also enjoy work-life balance, uncover new experiences, and collaborate with passionate colleagues.