Job Details

Penetration Tester




Chantilly, VA 20151


Job Description

What You'll Get to Do:
As a Penetration Tester, you will provide technical security assessments of applications and infrastructure, security design reviews as well as risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.

More About the Role:

  • Conduct hands-on technical testing beyond automated tool validation, including full exploitation and leveraging of access within multiple environments

  • Conduct scenario-based security testing or red teaming to identify gaps in detection and response capabilities of client networks, and develop comprehensive and accurate reports and presentations client.

  • Communicate findings and strategy to client stakeholders

  • Apply security testing and penetration testing techniques and mindset to a wide range of projects

You'll Bring These Qualifications:

  • Must have an active TS/SCI with Poly
  • Demonstrated real world experience performing grey and black box penetration testing
  • Have an understanding of and interest in common web application vulnerabilities like XSS, CSRF, Command Injection, SQLi, single sign-on limitations, etc.
  • Must be proficient in any of the following: PowerShell Empire, Metasploit Framework, Cobalt Strike, Burp Suite, Canvas, Kali Linux, IPTables, Sysinternals, A/V evasion methodologies, Exploit Dev
  • Must have solid working experience and knowledge of Windows operating systems (incl. Active Directory), Linux operating systems; ESXi or similar; mobile platforms are a plus
  • Solid understanding of networking, TCP/IP, virtualization and cloud/data center architecture
  • Strong familiarity with some of the following: OWASP top 10, DoD and NSA Vulnerability and Penetration Testing Standards
  • Knowledge of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open source exfiltration techniques

These Qualifications Would be Nice to Have:

  • Experience performing Red Team, Blue Team Operations
  • Certifications such as OSCP, OSCE, GPEN, GWAPT, GPEN, GXPN, CEH, CISSP
  • Malware analysis or digital computer forensics experience
  • Cyber related Law Enforcement or Counterintelligence experience
  • Scripting (Windows/*nix), Bash, Python, Perl or Ruby, Systems Programming is a plus
  • Existing Subject Matter Expert of Advanced Persistent Threats and Emerging Threats
  • Proactive interest in emerging technologies and techniques related to penetration testing

What We Can Offer You:

- We've been named a Best Place to Work by the Washington Post.

- Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.

- We offer competitive benefits and learning and development opportunities.

- We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.

- For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.

Job Location



CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Post Date:
Minimum Clearance:
Job Category:
IT - QA and Test
Unspecified annual salary
Unspecified hourly wage
Group ID: