Penetration Tester, Lead

Overview

Lead Penetration Tester

woodcons.com

Location: Annapolis Junction, Maryland, USA

Job Type: Full-Time

Shift: Day

Telework: None

Salary Range: **$100,000 to $200,000 per year

** Starting salary is based on minimum education and years of experience and increases based on education and/or experience.

Overview: WOOD is seeking a highly skilled Lead Penetration Tester to join a high‑performing Agile team supporting a major system engineering, development, test, integration, and operational support program. You will work alongside cyber SMEs to safeguard enterprise‑wide information systems-protecting LAN/WAN environments, public‑facing systems, commercial internet connections, websites, servers, workstations, and more. This role is critical in preventing, detecting, containing, and eradicating advanced cyber threats across mission‑critical networks. If you thrive in offensive security, enjoy complex technical challenges, and want to influence enterprise‑level cyber defense strategy, this is an exceptional opportunity.

Application Process: Interested candidates should submit their resume detailing their qualifications and experience.

Security Clearance Requirements:

This position requires all candidates to be U.S. Citizens and possess an active TS/SCI Security Clearance with a Polygraph.

Responsibilities

• Conduct internal and external penetration tests to identify vulnerabilities and recommend mitigation strategies.
• Perform web application penetration tests.
• Execute vulnerability risk assessments.
• Conduct physical penetration tests and social engineering exercises.
• Support cyber incident response activities as needed.
• Assess the security impact of new system developments or changes.
• Review, evaluate, and test mission‑critical software for security weaknesses.
• Define security compliance requirements for new system capabilities.
• Identify and remediate vulnerabilities across the system lifecycle.
• Audit and assess system security configurations using industry‑standard tools and methodologies.
• Coach development teams to improve understanding of vulnerabilities, attack vectors, and mitigation techniques.
• Collaborate with Systems, Test, and Integration Engineering teams to ensure architecture meets stringent security requirements.
• Develop, implement, and enforce security policies, standards, and methodologies.
• Serve as a security SME to Program Managers, technical experts, and internal teams.

Qualifications

Required Skills & Experience:

• Hands‑on experience using penetration testing tools.
• Experience in web development and programming languages (Java, XML, Perl, HTML).
• Experience with programming/scripting (Python, PowerShell, C, JavaScript, etc.).
• Extensive IT security risk assessment experience.
• Experience performing web application and physical pentests.
• Familiarity with web app security tools (Burp Suite, WebInspect, AppDetective).
• Familiarity with Kali Linux and IPS/IDS solutions.
• Strong understanding of the Cyber Kill Chain methodology.
• Experience applying the Risk Management Framework (RMF).
• Experience securing desktop and server OS configurations.
• Ability to collaborate with technical teams and customers to develop mitigation strategies.
• Ability to manage multiple projects and adapt to changing priorities.

Preferred Qualifications:

• Bachelor's degree in a technical/information assurance field and 12+ years of experience.
• One or more of the following certifications strongly preferred:
  • GIAC Web Application Penetration Tester (GWAPT)
  • GIAC Penetration Tester (GPEN)
  • CEH, CISM, GWEB, CISSP
• Extensive experience designing and implementing integrated security services, including:
  • Network penetration testing
  • Antivirus planning
  • Risk analysis
  • Incident response
• Experience supporting application development security, including system certifications and firewall evaluations.

About WOOD

Fringe Benefits:

• Health Insurance: Comprehensive medical, dental, and vision plans.
• Retirement Plan: 401(k) with company match.
• Paid Time Off: Generous PTO policy including vacation, sick leave, and holidays.
• Professional Development: Opportunities for training, certifications, and career advancement.
• Work-Life Balance: Flexible work schedules and remote work options.
• Wellness Programs: Employee assistance programs, wellness initiatives, and gym membership discounts.

Why Join Us?

• Career Growth: Take advantage of professional development opportunities and career advancement. As a vital part of impactful projects, you will have the chance to drive innovation and shape the future of government systems engineering.
• Supportive Environment: Work in a collaborative and flexible environment that values work-life balance. Join a team of top-tier professionals and engage in dynamic, cross-functional collaboration. Your strategic mindset and proactive approach will be highly valued and supported.
• Competitive Compensation: Enjoy a competitive salary and comprehensive benefits package. We recognize and reward your expertise and dedication to excellence.

WOOD is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.