Today
Top Secret
Unspecified
Unspecified
IT - Software
Remote/Hybrid• (Off-Site/Hybrid)
As a Zero-Trust Offensive Security Lead, you will be at the forefront of validating and stress-testing the "never trust, always verify" security model across our customers' networks, systems, and applications. Your role is critical in proving the resilience of Zero-Trust architectures against advanced threats, ensuring that every user, device, and service is continuously authenticated, authorized, and monitored .
You will serve as the technical lead for penetration testing and threat emulation engagements - supervising your assessment team, interfacing directly with customers, and guiding them in strengthening least privilege, micro-segmentation, and continuous verification controls. Primary work will support the Department of Defense (Navy), with additional opportunities to lead commercial sector engagements.
This is more than a penetration testing role- it's about challenging the assumptions of trust in modern architectures and proving the effectiveness of Zero-Trust implementations in the most demanding environments. You won't just find vulnerabilities; you'll help organizations architect and validate security with the assumption of compromise at its core.
Key Responsibilities
Required Qualifications
Preferred Qualifications
Why Work for Us?
Core4ce is a team of innovators, self-starters, and critical thinkers-driven by a shared mission to strengthen national security and advance warfighting outcomes.
We offer:
Join us to build a career that matters-supported by a company that invests in you.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.
You will serve as the technical lead for penetration testing and threat emulation engagements - supervising your assessment team, interfacing directly with customers, and guiding them in strengthening least privilege, micro-segmentation, and continuous verification controls. Primary work will support the Department of Defense (Navy), with additional opportunities to lead commercial sector engagements.
This is more than a penetration testing role- it's about challenging the assumptions of trust in modern architectures and proving the effectiveness of Zero-Trust implementations in the most demanding environments. You won't just find vulnerabilities; you'll help organizations architect and validate security with the assumption of compromise at its core.
Key Responsibilities
- Lead and execute offensive security operations designed to validate Zero-Trust principles across internal, external, cloud, and hybrid environments.
- Simulate advanced adversary tactics to identify weaknesses in identity management, segmentation, and trust boundaries.
- Perform vulnerability analysis, exploitation, and custom test development to challenge authentication, authorization, and monitoring controls.
- Design and conduct scenario-based penetration tests and Purple Team exercises to measure detection and prevention capabilities against MITRE ATT&CK-mapped threats.
- Deliver detailed reports and executive briefings, prioritizing remediation strategies that advance the customer's Zero-Trust maturity.
- Collaborate with SOC and IR teams to ensure findings feed into continuous monitoring and adaptive policy enforcement.
- Perform reverse engineering or malware analysis to develop defensive measures tailored to endpoint and network trust validation requirements.
Required Qualifications
- Active DoD Top Secret clearance.
- Bachelor's degree in a related field or 10+ years of relevant IT or cybersecurity experience.
- 7 + years of direct experience in penetration testing, red teaming, and vulnerability assessments.
- Proven expertise applying Zero-Trust security concepts in offensive security engagements.
- Scripting skills in Python, Ruby, Lua/NSE, and PowerShell for automation and custom testing.
- Experience developing Rules of Engagement, policies, and operational plans aligned with Zero-Trust governance.
- Familiarity with SOC/IR workflows and integration into continuous verification processes.
- Active DoD 8570 IAT Level I I or greater, plus one or more of the following: OSCP, OSCE, OSWA, OSWE, GPEN, GXPN, GWAPT.
- Deep knowledge of vulnerabilities, attack vectors, and mitigations, especially those impacting identity, access control, and segmentation in Zero-Trust designs.
- Proficiency with offensive security tools such as Nmap, Kali Linux, Metasploit, Cobalt Strike, and Burp Suite.
Preferred Qualifications
- Experience in Red and Purple Team testing methodologies.
- Familiarity with MITRE ATT&CK and D3FEND frameworks.
- Experience emulating APT campaigns to test Zero-Trust enforcement.
Why Work for Us?
Core4ce is a team of innovators, self-starters, and critical thinkers-driven by a shared mission to strengthen national security and advance warfighting outcomes.
We offer:
- 401(k) with 100% company match on the first 6% deferred, with immediate vesting
- Comprehensive medical, dental, and vision coverage-employee portion paid 100% by Core4ce
- Unlimited access to training and certifications, with no pre-set cap on eligible professional development
- Tuition assistance for job-related degrees and courses
- Paid parental leave, PTO that grows with tenure, and generous holiday schedules
- Got a big idea? At Core4ce, The Forge gives every employee the chance to propose bold innovations and help bring them to life with internal backing.
Join us to build a career that matters-supported by a company that invests in you.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.
group id: 10488887
