Posted today
Secret
Unspecified
Unspecified
IT - QA and Test
Charleston, SC (On-Site/Office)
Job Type
Part-time
Description
Information Systems Solutions, Inc. (ISS) is seeking an experienced Senior Penetration Tester to join our Security Control Assessment (SCA) team in support of the National Science Foundation (NSF) Office of Polar Programs (OPP) and the United States Antarctic Program.
In this role, you will lead advanced security testing and risk assessment activities across enterprise systems, infrastructure, and cloud environments. You will evaluate security controls against NIST standards, simulate real-world attack scenarios, and provide actionable risk guidance to technical teams and program leadership.
Job Responsibilities:
• Assessment of security policies, procedures and processes against NIST standards.
• Review of System Security Plans to report on compliance throughout the organization.
• Provide Quarterly Reports of system security metrics.
• Collaborate with other SCA Team Members to assess the Confidentiality, Integrity and Availability of systems
• Advise Program Management on risk levels and security posture
• Recognize possible security violations and takes appropriate action to report the incident, as required.
• Ensure cybersecurity security requirements are appropriately identified in system environment operation procedures and collect and maintain data needed to meet system IA reporting requirements.
• Evaluate system POA&Ms, tracking milestones
• Prepare Risk Assessment Reports related to Pen Testing Activities
• Conduct Red Team, Purple Team activities using government approved toolsets
Why Work For ISS?
At ISS we pride ourselves on providing an employee-focused and family first environment. Being a small business, we take the time to get to know our employees and have a vested interest in helping them achieve their career goals. We work to schedule regular social gatherings within the company to foster camaraderie. ISS values their employees by providing a comprehensive benefits package that includes a fully vested 401(k) matching program, coverage of family medical deductibles, spot bonuses, and educational assistance to further your career.
Requirements
Clearance Level
Secret
Certifications (IAT Level II)
One of the following:
• Security+ CE
• GIAC Security Essentials Certification (GSEC)
• Security Certified Network Professional (SCNP)
• System Security Certified Practitioner (SSCP)
Required Skills
• 5+ years of hands-on penetration testing or offensive security experience
• Strong understanding of networking, operating systems, and application security
• Extensive experience with tools such as Burp Suite, Metasploit, Nmap, Nessus, and custom tooling
• Proficiency in scripting or programming (Python, Bash, PowerShell, JavaScript, etc.)
• Deep knowledge of OWASP Top 10, common attack vectors, and exploitation techniques
• Proven ability to write high-quality security reports and communicate risk effectively
• Knowledge of cybersecurity tools
Desired Skills:
• Offensive security certifications (OSCP, OSCE, CRTO, GPEN, etc.)
• Experience with CI/CD and DevSecOps environments
Part-time
Description
Information Systems Solutions, Inc. (ISS) is seeking an experienced Senior Penetration Tester to join our Security Control Assessment (SCA) team in support of the National Science Foundation (NSF) Office of Polar Programs (OPP) and the United States Antarctic Program.
In this role, you will lead advanced security testing and risk assessment activities across enterprise systems, infrastructure, and cloud environments. You will evaluate security controls against NIST standards, simulate real-world attack scenarios, and provide actionable risk guidance to technical teams and program leadership.
Job Responsibilities:
• Assessment of security policies, procedures and processes against NIST standards.
• Review of System Security Plans to report on compliance throughout the organization.
• Provide Quarterly Reports of system security metrics.
• Collaborate with other SCA Team Members to assess the Confidentiality, Integrity and Availability of systems
• Advise Program Management on risk levels and security posture
• Recognize possible security violations and takes appropriate action to report the incident, as required.
• Ensure cybersecurity security requirements are appropriately identified in system environment operation procedures and collect and maintain data needed to meet system IA reporting requirements.
• Evaluate system POA&Ms, tracking milestones
• Prepare Risk Assessment Reports related to Pen Testing Activities
• Conduct Red Team, Purple Team activities using government approved toolsets
Why Work For ISS?
At ISS we pride ourselves on providing an employee-focused and family first environment. Being a small business, we take the time to get to know our employees and have a vested interest in helping them achieve their career goals. We work to schedule regular social gatherings within the company to foster camaraderie. ISS values their employees by providing a comprehensive benefits package that includes a fully vested 401(k) matching program, coverage of family medical deductibles, spot bonuses, and educational assistance to further your career.
Requirements
Clearance Level
Secret
Certifications (IAT Level II)
One of the following:
• Security+ CE
• GIAC Security Essentials Certification (GSEC)
• Security Certified Network Professional (SCNP)
• System Security Certified Practitioner (SSCP)
Required Skills
• 5+ years of hands-on penetration testing or offensive security experience
• Strong understanding of networking, operating systems, and application security
• Extensive experience with tools such as Burp Suite, Metasploit, Nmap, Nessus, and custom tooling
• Proficiency in scripting or programming (Python, Bash, PowerShell, JavaScript, etc.)
• Deep knowledge of OWASP Top 10, common attack vectors, and exploitation techniques
• Proven ability to write high-quality security reports and communicate risk effectively
• Knowledge of cybersecurity tools
Desired Skills:
• Offensive security certifications (OSCP, OSCE, CRTO, GPEN, etc.)
• Experience with CI/CD and DevSecOps environments
group id: 10122467
