Posted today
Top Secret/SCI
Senior Level Career (10+ yrs experience)
Unspecified
IT - Security
Arlington, VA (On-Site/Office)
Penetration Tester – Industrial Control Systems (ICS)
Federal Strategic Cyber Programs | Red Cell Operations
Location: Northern Virginia
Work Model: Hybrid (flexible; on-site presence as mission needs require)
Position Overview
ICS is seeking a highly skilled Cyber Penetration Tester to join our elite Red Cell Team supporting critical Federal Strategic Cyber programs. This role offers the opportunity to operate at the forefront of offensive cybersecurity—identifying, exploiting, and remediating vulnerabilities across complex enterprise and mission-critical environments. You will work closely with system owners, engineers, and senior security leaders to strengthen national-level systems against advanced threats.
Key Responsibilities
Lead and execute penetration tests against customer systems to evaluate security posture and adversary exposure.
Support Red Cell operations by identifying vulnerabilities, validating exploitability, and developing actionable remediation recommendations aligned with NIST SP 800-53 security controls.
Clearly report, demonstrate, and brief findings to system owners, engineers, and leadership audiences.
Maintain and enhance Red Cell infrastructure, tooling, and operational environments.
Develop, modify, or automate tools to improve discovery, exploitation, and reporting efficiency.
Mentor and guide junior and senior penetration testers, providing technical leadership throughout assessment engagements.
Required Qualifications
Education & Experience
Bachelor’s degree with 5+ years of relevant Cyber/IT experience, or
Master’s degree with 3+ years of relevant Cyber/IT experience, or
In lieu of a degree, 4 additional years of IT security or penetration testing experience may be considered.
Minimum of 2 years of hands-on penetration testing experience.
Technical Expertise
Demonstrated experience using Kali Linux.
Proficiency with penetration testing tools such as Nmap, Burp Suite, Metasploit, and similar platforms.
Proven ability to evaluate vulnerabilities, perform root-cause analysis, and document findings using recognized methodologies, including:
NIST SP 800-115
PTES
ISSAF
OWASP Web Security Testing Guide
Experience leading penetration tests and directing both senior and junior team members.
Certifications
Must possess one of the following certifications or be able to obtain prior to start date:
CCNA CyberOps, CCNA-Security
CEH, CFR
Cloud+, CySA+
GCIA, GCIH, GICSP
SCYBER, Security+ CE, SSCP
Clearance & Citizenship
U.S. citizenship required
Active Secret clearance required
Must have the ability to obtain a Top Secret clearance
Preferred Qualifications
Clearance
Active Top Secret or TS/SCI clearance
Advanced Security Certifications
CompTIA CASP+
ISC2 CISSP, CCSP, or ISSEP
Advanced Penetration Testing Certifications
Offensive Security OSCP
Hack The Box CPTS
TCM Security PNPT
GIAC GXPN
Zero Point Security Red Team Ops II
Advanced Technical Knowledge
NIST Risk Management Framework (RMF) and Assessment & Authorization (A&A) processes
Core security principles (CIA, IAAAA, access control models, risk management)
Networking concepts including IP routing, TCP/UDP, VPNs, firewalls, and NAT
Common network protocols (SSH, FTP, SMTP, SMB, HTTP)
Operating system fundamentals (processes, permissions, file systems, device and user management)
Cryptography and data protection concepts (encoding, hashing, encryption)
Scripting and programming languages such as Bash, Python, PowerShell, JavaScript
Enterprise and web application vulnerabilities including:
Misconfigurations, outdated components, weak logging and monitoring
XSS, SQL injection, LFI, insecure file uploads, broken authentication
Active Directory enumeration and exploitation (Kerberoasting, AS-REP roasting, privilege abuse, Golden Tickets)
PKI and MFA-enabled enterprise environments
Cloud platforms including AWS, Microsoft Azure, and GCP
Why Join ICS
At ICS, you’ll contribute directly to protecting high-impact federal systems while working alongside seasoned cyber professionals in a mission-driven, technically rigorous environment. This role offers exposure to advanced adversary techniques, cutting-edge tooling, and real-world threat scenarios—ideal for professionals seeking growth, challenge, and national-level impact.
Federal Strategic Cyber Programs | Red Cell Operations
Location: Northern Virginia
Work Model: Hybrid (flexible; on-site presence as mission needs require)
Position Overview
ICS is seeking a highly skilled Cyber Penetration Tester to join our elite Red Cell Team supporting critical Federal Strategic Cyber programs. This role offers the opportunity to operate at the forefront of offensive cybersecurity—identifying, exploiting, and remediating vulnerabilities across complex enterprise and mission-critical environments. You will work closely with system owners, engineers, and senior security leaders to strengthen national-level systems against advanced threats.
Key Responsibilities
Lead and execute penetration tests against customer systems to evaluate security posture and adversary exposure.
Support Red Cell operations by identifying vulnerabilities, validating exploitability, and developing actionable remediation recommendations aligned with NIST SP 800-53 security controls.
Clearly report, demonstrate, and brief findings to system owners, engineers, and leadership audiences.
Maintain and enhance Red Cell infrastructure, tooling, and operational environments.
Develop, modify, or automate tools to improve discovery, exploitation, and reporting efficiency.
Mentor and guide junior and senior penetration testers, providing technical leadership throughout assessment engagements.
Required Qualifications
Education & Experience
Bachelor’s degree with 5+ years of relevant Cyber/IT experience, or
Master’s degree with 3+ years of relevant Cyber/IT experience, or
In lieu of a degree, 4 additional years of IT security or penetration testing experience may be considered.
Minimum of 2 years of hands-on penetration testing experience.
Technical Expertise
Demonstrated experience using Kali Linux.
Proficiency with penetration testing tools such as Nmap, Burp Suite, Metasploit, and similar platforms.
Proven ability to evaluate vulnerabilities, perform root-cause analysis, and document findings using recognized methodologies, including:
NIST SP 800-115
PTES
ISSAF
OWASP Web Security Testing Guide
Experience leading penetration tests and directing both senior and junior team members.
Certifications
Must possess one of the following certifications or be able to obtain prior to start date:
CCNA CyberOps, CCNA-Security
CEH, CFR
Cloud+, CySA+
GCIA, GCIH, GICSP
SCYBER, Security+ CE, SSCP
Clearance & Citizenship
U.S. citizenship required
Active Secret clearance required
Must have the ability to obtain a Top Secret clearance
Preferred Qualifications
Clearance
Active Top Secret or TS/SCI clearance
Advanced Security Certifications
CompTIA CASP+
ISC2 CISSP, CCSP, or ISSEP
Advanced Penetration Testing Certifications
Offensive Security OSCP
Hack The Box CPTS
TCM Security PNPT
GIAC GXPN
Zero Point Security Red Team Ops II
Advanced Technical Knowledge
NIST Risk Management Framework (RMF) and Assessment & Authorization (A&A) processes
Core security principles (CIA, IAAAA, access control models, risk management)
Networking concepts including IP routing, TCP/UDP, VPNs, firewalls, and NAT
Common network protocols (SSH, FTP, SMTP, SMB, HTTP)
Operating system fundamentals (processes, permissions, file systems, device and user management)
Cryptography and data protection concepts (encoding, hashing, encryption)
Scripting and programming languages such as Bash, Python, PowerShell, JavaScript
Enterprise and web application vulnerabilities including:
Misconfigurations, outdated components, weak logging and monitoring
XSS, SQL injection, LFI, insecure file uploads, broken authentication
Active Directory enumeration and exploitation (Kerberoasting, AS-REP roasting, privilege abuse, Golden Tickets)
PKI and MFA-enabled enterprise environments
Cloud platforms including AWS, Microsoft Azure, and GCP
Why Join ICS
At ICS, you’ll contribute directly to protecting high-impact federal systems while working alongside seasoned cyber professionals in a mission-driven, technically rigorous environment. This role offers exposure to advanced adversary techniques, cutting-edge tooling, and real-world threat scenarios—ideal for professionals seeking growth, challenge, and national-level impact.
group id: 10176392
