Expert Cyber Penetration Tester

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™

ASRC Federal is seeking an experienced Cyber Penetration Tester (Expert) to lead advanced security assessments and contribute to the development and execution of penetration testing strategies. This role combines hands-on testing with leadership, mentoring, and collaboration across cybersecurity disciplines.

Responsibilities

• Lead and perform advanced security assessments, including hands-on penetration testing of systems and applications.
• Identify vulnerabilities, assess risks, and deliver clear, actionable remediation recommendations.
• Develop and maintain assessment plans aligned withNIST SP 800-53 and FedRAMP Cloud Security Controls.
• Execute security assessments per defined plans and document findings accurately and promptly.
• Design, develop, and maintain tools/scripts to automate and enhance penetration testing activities.
• Manage and mentor a small team of junior penetration testers; provide technical guidance and training.
• Build and lead a Purple Team to perform joint red/blue team exercises with customer sites.
• Support secure systems operations and maintenance, including security validation and accreditation activities.
• Analyze and mitigate system security threats throughout the lifecycle, including risk assessments and implementation of security engineering controls.
• Ensure compliance with business continuity, operations security, insider threat detection, physical security analysis, and regulatory requirements.
• Communicate technical findings effectively to technical teams and executive stakeholders.

Requirements

• Education: Bachelor's degree in a related field.
• Experience: 10-12 years of relevant experience in cybersecurity and penetration testing (or equivalent combination of education and experience).
• Clearance: Active DOE Q-Clearance or Top Secret (TS) equivalent required.
• Certifications (Preferred):
  
  • OSCP (Offensive Security Certified Professional)
  • OSCE (Offensive Security Certified Expert)
  • CEH (Certified Ethical Hacker)
  • CISSP (Certified Information Systems Security Professional)

Technical Skills & Tools

• Strong proficiency in vulnerability analysis, risk remediation, and reporting.
• Ability to clearly replicate vulnerabilities and provide actionable mitigation steps.
• Familiarity with tools including:
  
  • Linux, Tenable Nessus, Forescout, Carbon Black, Invicti,
  • Scythe, Rubrik, Fidelis
• Excellent written and verbal communication skills; ability to present technical findings to executive audiences.

We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law.

EEO Statement

ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.