Job Description Everforth ECS is seeking a
Penetration Testing Team Lead who lives in close proximity to the
National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency.
Please Note: This position is contingent upon contract award. Salary Range: $170,000 - $190,000
This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a key leader on this program, you will drive the protection of highly sensitive, national-level financial, and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise.
As the Penetration Testing Team Lead, you will serve as the principal offensive security authority for the program - planning, directing, and executing advanced penetration testing and Red Team engagements across a large-scale federal civilian environment. Working closely with SOC, threat hunting, and security engineering teams. You will identify and exploit vulnerabilities before adversaries can validate the agency's defensive controls, and deliver clear, actionable reporting that drives measurable improvements in the agency's overall security posture.
Position Responsibilities: - Plan, coordinate, and lead Red Team and penetration testing engagements across federal systems, including network infrastructure, web applications, APIs, and cloud environments.
- Oversee all aspects of test planning, execution, and reporting, ensuring engagements are thorough, well-documented, and deliver clear, actionable findings for both technical teams and senior government officials.
- Maintain penetration testing and Red Team tools, including patches, upgrades, environmental configurations, and inventory management to ensure operational readiness across all engagements.
- Ensure all engagements align with NIST SP 800-115, MITRE ATT&CK, and DHS Risk and Vulnerability Assessment (RVA) standards.
- Lead and execute advanced Purple Team engagements in coordination with the SOC and threat hunting teams to validate detection coverage and improve defensive response capabilities.
- Demonstrate expertise in multi-layer exploitation, with the ability to identify, chain, and execute attacks across network infrastructure, operating systems, web applications, APIs, and cloud platforms.
- Mentor junior penetration testers, providing technical guidance, supporting skills development, and evaluating new tools and techniques for inclusion in the team's toolkit.
- Produce high-quality penetration testing reports that clearly document findings, exploit chains, risk ratings, and remediation recommendations in language accessible to both technical and executive audiences.
- Research emerging offensive techniques, adversary TTPs, and new tooling to ensure the team's methods remain current and representative of real-world threats.
Collaborate with vulnerability management, security engineering, and SOC teams to ensure penetration testing findings are tracked, prioritized, and remediated in a timely manner.
Required Skills - U.S. Citizenship required.
- 12+ years of experience in offensive security, with demonstrated expertise in penetration testing and Red Team operations across complex federal or enterprise environments.
- Remote but within close proximity to the NCR.
- Active Public Trust 6c clearance, or the ability to obtain and maintain one.
- At least one of the following certifications: OSCP, OSCE, GXPN, or CEH.
- Hands-on experience with network, web application, AWS cloud, and API penetration testing across complex, large-scale environments.
- Proficiency with offensive security tooling and the ability to adapt and develop custom techniques as required by the engagement.
- Demonstrated ability to plan, manage, and execute penetration testing engagements from scoping through final reporting.
- Strong knowledge of the MITRE ATT&CK framework and its practical application to adversary emulation and Red Team planning.
- Familiarity with NIST SP 800-115 and DHS RVA standards for federal penetration testing engagements.
- Excellent written and verbal communication skills, including strong technical writing ability and experience presenting findings to senior government officials.
Desired Skills - Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent professional experience.
- One of the following certifications:
- Offensive Security Experienced Penetration Tester (OSEP / PEN-300)
- Offensive Security Web Expert (OSWE)
- AWS Certified Security Specialty or equivalent cloud offensive security training
- GIAC Certified Penetration Tester (GPEN)
- Burp Suite Certified Practitioner
- Familiarity with federal cybersecurity frameworks including NIST SP 800-53, NIST RMF, IRS Publication 1075, FedRAMP, and OMB compliance requirements.
- Prior experience working on large-scale federal civilian agency programs with complex, multi-stakeholder environments.
- Experience conducting or supporting ICS/OT penetration testing and cloud-native offensive security operations in AWS GovCloud or Azure Government environments.
- Familiarity with EDR evasion techniques and advanced adversary emulation methodologies, including OffSec's PEN-300 (OSEP).
- Experience with web application offensive security tooling, including Burp Suite Professional, and familiarity with the Burp Suite Certified Practitioner certification.
- Ability to provide strategic guidance that enhances and optimizes an agency's overall offensive security and vulnerability management posture.
- Experience developing or contributing to a formal Red Team program within a federal or enterprise environment, including rules of engagement, test planning templates, and findings databases.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
Everforth ECS is the federal segment of
Everforth , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
Meet the challenge. Make a difference with Everforth ECS!