Penetration Tester

Who we are:

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a work hard, play hard mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

The Perks:

As recognized members of the Cyber Elite, we work together in partnership to defend our nation s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.

Who we're looking for:

We are seeking an experienced Penetration Tester with a strong background in providing cybersecurity assessment services in dynamic, fast-paced public sector environments. The ideal candidate will bring expertise in cybersecurity tools, proven methodologies, and industry best practices within the federal market. This is a unique opportunity to contribute to the growth and culture of an emerging cybersecurity company. The role also offers travel opportunities to client sites both locally and nationally.

What you'll be doing:

• Deliver comprehensive cybersecurity scanning and testing services to assess vulnerabilities and risks in customer systems.
• Integrate threat intelligence to provide clients with findings that support risk management and decision-making processes.
• Coordinate and manage assessment equipment, ensuring up-to-date images, on-site setup and teardown, and ongoing maintenance.
• Operate cybersecurity assessment tools in collaboration with government teams to provide insights into system vulnerabilities.
• Support the IT Security Expert Level II in developing and documenting assessment reports, following government report templates.

What you need to know:

• Knowledge of host identification and vulnerability exploitation.
• Familiarity with phishing techniques and payload crafting.
• Skills in script writing, database operations, and system/network administration.
• Proficiency with assessment tools, including but not limited to Metasploit, Nmap, Burp Suite, Powersploit, and Cobalt Strike.
• Ability to perform effectively in critical and dynamic environments.
• In-depth knowledge of FISMA and NIST 800 series standards.
• Extensive experience with network mapping, vulnerability scanning, penetration testing, and web application testing.
• Expertise in phishing assessments, wireless assessments, operating system security assessments, and database assessments.

Must have's:

• Bachelor s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
• 2+ years of operational experience in penetration testing.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• One or more of the following certifications: OSCP, OSCE, GPEN, GXPN, or equivalent.
• Active Public Trust clearance and ability to pass a federal background check.

Where it's done:

• Remote (Herndon, VA) with up to 25% travel.