Security Software Engineer - Red Team Pen Tester

Data Intelligence is seeking a seasoned Security Software Engineer — Red Team / Penetration Tester to join a hands-on offensive security team supporting mission systems in the defense domain. This role is ideal for a pragmatic, technically deep engineer who blends software development, exploitation tooling, and operational red-team experience to assess and harden complex enterprise and DoD environments.

Key Responsibilities

• Plan and execute advanced penetration tests and red-team engagements against enterprise, cloud, and mission systems (including VDI, virtualization stacks, network enclaves, identity systems, and web services).
• Design, develop, and maintain offensive tooling, exploit code, C2 components, and automation to support engagements.
• Conduct network, host, web application, cloud, and identity-centric assessments (including REST/SOAP web services and modern auth protocols such as OAuth2/SAML/LDAP).
• Perform vulnerability discovery, exploit development, privilege escalation, lateral movement, persistence techniques, and post-exploitation analysis.
• Use and extend common pentest frameworks and tools (Kali, Metasploit, Nmap, Cobalt Strike) and integrate custom scripts and modules.
• Evaluate and document attack paths, IM/SSO/MFA bypass scenarios, and misconfigurations across Microsoft Entra ID (Azure AD), Active Directory, hybrid Microsoft 365 environments, and federation/SSO integrations.
• Test and evaluate network and security devices (Palo Alto, Cisco, FirePower, IOS/ASA, Nexus) and virtualization/storage platforms (vCenter/vRealize/Horizon, NetApp/ONTAP, SnapMirror).
• Perform cloud security assessments (AWS, serverless, microservices) and audit cloud configurations and workloads.
• Produce clear, actionable deliverables: technical findings, exploit proofs-of-concept, attack narratives, remediation guidance, and executive summaries for stakeholders.
• Collaborate with blue teams, DevSecOps, and engineering teams to validate fixes and drive continuous improvement.

Required Skills/Experience

Education: Bachelor's degree in Computer Science, Engineering, Information Security, or equivalent experience preferred.

Experience: Minimum 5 years of software engineering applied to program development, modeling, or simulation for DoD or IT systems and a minimum 5 years hands-on experience with:

• Linux: firm grasp / demonstrated knowledge (training such as CompTIA Linux+ or FedVTE Linux+ preferred).
• Windows & enterprise networks: foundational understanding of Windows enterprise administration (relevant Microsoft coursework/certification experience preferred).

Offensive tooling & techniques: Strong working knowledge and practical use of Kali, Metasploit, Nmap, Cobalt Strike.

Documented operational experience in at least one of the following:

1. Penetration Testing (government or contractor)
2. Red Team Operations (government or contractor)
3. Tool/Software Development (exploits, malware/C2, reverse engineering, bug bounties)
4. Offensive/defensive programming in Python, C, C#, C++, Go, Perl, PowerShell
5. Web development / web application penetration testing (PHP, ASP, SQL/NoSQL, Java, HTML), including RESTful and SOAP services and modern authentication schemes

Minimum certification: Must hold one of the following (or equivalent, current):

• Offensive Security: OSCP, OSCE, OSEE, OSWP
• SANS: GPEN (SEC560), GWAPT (SEC542), SEC660, GXPN, SEC642, SEC564

Operational tools/platform familiarity: experience with virtualization & VDI stacks (NSX, vCenter, vRealize, Horizon), network/security appliances (Palo Alto, Cisco), storage platforms (NetApp/ONTAP), and virtualization/cloud platforms (VMware, AWS).

Identity & automation: demonstrable experience with Active Directory, Microsoft Entra ID (Azure AD), SSO/MFA, identity federation, and automation using PowerShell / PowerAutomate / Logic Apps / Graph API.

Clearance: Current Top Secret Security Clearance

Desired/Preferred Skills

• Prior experience conducting Red Team operations in an MDE (Managed Detection & Response / Microsoft Defender for Endpoint) environment.
• Experience with cloud audit, serverless, microservice architectures and security.
• Prior development of offensive tooling, exploit chains, or C2 frameworks.
• Familiarity with DoD and government network enclaves, operational tradecraft, and mission-critical systems.
• Prior experience working on DoD or national security contracts and understanding of classification and handling of sensitive findings.
• Strong technical writing and presentation skills; ability to translate technical findings for non-technical leadership.

Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays.

Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.