Senior Penetration Tester

ASSYST is seeking a Senior Penetration Tester to support our client project in Baltimore, MD.

Work mode: Hybrid

Senior Penetration Tester to perform internal and external penetration testing of networks, web applications, APIs, and cloud environments to identify security vulnerabilities and exploit paths, and other related tasks.

Duties / Responsibilities:

• Conduct internal and external penetration testing of networks, web applications, APIs, and cloud environments to identify security vulnerabilities and exploit paths.
• Perform red team engagements simulating real-world adversary tactics, techniques, and procedures (TTPs) aligned with MITRE ATT&CK.
• Execute vulnerability assessments and validate remediation efforts through retesting and technical verification.
• Develop comprehensive penetration testing reports, including executive summaries, risk ratings, proof-of-concept evidence, and actionable remediation guidance.
• Perform threat modeling and attack surface analysis to identify high-risk exposure areas and privilege escalation pathways.
• Conduct secure configuration reviews of operating systems, network infrastructure, cloud platforms, and identity systems.
• Evaluate application security through dynamic and manual testing techniques, including authentication, session management, input validation, and access control testing.
• Review source code for security weaknesses and secure coding gaps, particularly in C/C++, Python, Java, or similar languages.
• Develop and maintain custom scripts or tooling to automate testing activities and enhance offensive security capabilities.
• Support incident response activities by recreating attack chains, validating compromise scenarios, and identifying root causes.
• Assess Zero Trust implementations, micro-segmentation strategies, and identity-based security controls for effectiveness.
• Conduct phishing simulations and social engineering exercises to evaluate user awareness and organizational resilience.
• Provide technical briefings to executive leadership and technical stakeholders regarding risk posture and remediation prioritization.
• Collaborate with engineering, DevOps, and infrastructure teams to remediate identified vulnerabilities and strengthen security architecture.
• Contribute to the development of security policies, testing methodologies, and enterprise security standards.
• Support compliance efforts by mapping testing results to NIST, OWASP, CIS, or other applicable security frameworks.
• Participate in continuous improvement of penetration testing methodologies, tools, and adversary emulation strategies.
• Adhere to all security, change control, and Project Management Office (PMO) policies, processes, and methodologies.

Minimum Qualifications:

• A Minimum eight (8) years of progressive experience in cybersecurity
• A minimum of five (5) years performing penetration testing or red team engagements.
• A minimum of five (5) years conducting network penetration testing, web application and API testing, internal and external vulnerability assessments and threat modeling and attack path analysis
• A minimum of five (5) years developing and delivering formal penetration test reports, including executive summaries and technical remediation guidance.
• A minimum of five (5) years supporting incident response investigations and validation testing.
• A minimum of five (5) years with common penetration testing tools (e.g., Metasploit, Burp Suite, Nmap, Wireshark, Nessus, etc.).
• Strong knowledge of Secure coding practices, Application security testing (SAST/DAST concepts), Network architecture and segmentation and Identity and access management concepts
• A minimum of five (5) years of demonstrated scripting or development ability in at least one language (e.g., Python, C/C++, PowerShell, Bash).
• A minimum of five (5) years of working with NIST Cybersecurity Framework, NIST 800- 53 or similar federal control frameworks, MITRE ATT&CK and OWASP Top 10
• A minimum of five (5) years of experience mapping findings to security control frameworks.
• At least one recognized offensive security certification (e.g., OSCP, GPEN, GXPN, CEH, or major experience can substitute for certification).
• Demonstrated ability to communicate technical findings to executive and non-technical audiences, and provide actionable remediation recommendations.
• Demonstrated experience working in government or highly regulated environments.

Preferred Qualifications:

• A Minimum ten (10) years of progressive experience in cybersecurity
• A minimum of eight (8) years of experience in Advanced Offensive Security:
  • Experience leading red team engagements.
  • Experience performing adversary emulation exercises.
  • Experience conducting phishing and social engineering simulations.
  • Experience performing purple team exercises.

• A minimum of five (5) years of experience in Zero Trust & Architecture:
  • Experience designing or assessing Zero Trust implementations.
  • Experience evaluating micro-segmentation strategies and identity-centric controls.
• A minimum of five (5) years of experience in Cloud & Modern Infrastructure:
  • Experience performing security assessments in AWS or Azure environments, Containerized environments (Docker/Kubernetes) and Infrastructure-as-Code deployments
  • Experience testing CI/CD pipelines.
• A minimum of ten (10) years of experience in Software Development Depth:
  • Strong low-level development knowledge (kernel, assembly, embedded systems) that supports advanced exploit analysis.
  • Experience reviewing source code in JAVA or other compiled languages for vulnerabilities.
• A minimum of ten (10) years of experience in Government in the following:
  • Experience supporting federal or state government security programs.
  • Familiarity with FedRAMP, FISMA, or IRS Pub 1075 environments.

ASSYST is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, national origin or any other characteristic protected under federal, state, or applicable local law