×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer IT Consultant

Government and Public Sector - Cybersecurity Penetration Tester - Senior Consultant

Job in McLean, Fairfax County, Virginia, USA
Listing for: Ernst & Young Oman
Full Time position
Listed on 2026-05-04
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, IT Consultant
  • Engineering
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 104800 - 192200 USD Yearly USD 104800.00 192200.00 YEAR
Job Description & How to Apply Below

Government and Public Sector – Technology Consulting - Cybersecurity – Penetration Tester – Senior The opportunity

Our cybersecurity professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team works together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.

As part of our Penetration Testing team, you'll identify potential threats and vulnerabilities to operational environments. Projects here could include penetration testing and simulating physical breaches to identify vulnerabilities.

Your key responsibilities

  • Offensive Security Execution - Execute advanced penetration testing and red team activities. Identify, validate, and exploit complex attack paths to demonstrate realistic business and mission risk

  • Perform manual validation of vulnerabilities identified through automated or tool-based scanning to confirm exploitability and impact.

  • Correlate findings across network, application, cloud, and identity attack vectors to identify systemic security weaknesses.

  • Risk Identification and Escalation
    - Escalate critical and high-risk findings to engagement leadership and client stakeholders during active testing activities.

  • Articulate technical risk, potential impact, and exploitation context in clear, client-facing language suitable for both technical and executive audiences.

  • Quality Assurance and Reporting - Review, validate, and approve testing evidence and technical findings prior to inclusion in formal deliverables.

  • Author and contribute to technical penetration testing reports and executive summaries that clearly describe risk, likelihood, and potential impact.

  • Apply consistent evidence handling and documentation practices aligned to engagement and compliance requirements.

  • Engagement Support and Team Leadership - Support engagement scoping, testing strategy development, and definition of rules of engagement.

  • Provide technical oversight and mentoring to staff-level penetration testers during testing execution and report development.

  • Serve as a senior technical authority during client briefings, readouts, and debrief sessions.

Skills and attributes for success

  • Perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing.

  • Execute red team scenarios to highlight gaps impacting organizations security postures.

  • Ability to work both independently as well as lead a team of technical testers on penetration testing and red team engagements.

  • Provide technical leadership and advise junior team members on attack and penetration test engagements.

  • Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations.

  • Perform in-depth analysis of penetration testing results and create reports that describe findings, exploitation procedures, risks and recommendations.

  • Execute penetration testing projects using the established methodology, tools and rules of engagements.

  • Convey complex technical security concepts to technical and non-technical audiences including executives.

To qualify for the role you must have

  • Bachelor’s Degree

  • Minimum of 8 years of related work experience

  • Must be able to obtain/maintain a secret level clearance

  • Must be comfortable working in-person as needed in the greater Washington, DC area

  • Demonstrated hands-on execution of penetration testing across infrastructure, application, cloud, and identity-centric environments.

  • At least one intermediate or advanced offensive security certification, such as:

    • Offensive Security Certified Professional (OSCP)
    • GIAC Penetration Tester (GPEN)
    • Equivalent industry-recognized certification

  • Demonstrated experience completing approximately 1,000 hours of penetration testing activities, aligned with EY Attack and Penetration Testing senior capability benchmarks.

  • Technical

    Skills:

    • Network, operating system, and application exploitation techniques. Credential-based attack techniques, including password cracking, pass-the-hash, and token abuse.
    • Active Directory and enterprise identity infrastructure assessment. Web…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search