×
Register Here to Apply for Jobs or Post Jobs. X

Penetration Testers - Senior; Lead Security Clearance

Job in Washington, District of Columbia, 20001, USA
Listing for: Koniag Government Services
Full Time position
Listed on 2026-07-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below
Position: Penetration Testers - Senior (Lead) with Security Clearance
Koniag Data Solutions, LLC, a Koniag Government Services company, is seeking a Penetration Testers - Senior (Lead) to support KDS and our government customer in Washington, DC. This position requires the candidate to be able to obtain a Public Trust. We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.

Koniag Data Solutions, a Koniag Government Services company, is seeking an experienced Senior Lead Penetration Tester to support the U.S. Small Business Administration (SBA). The ideal candidate is a highly skilled offensive security professional with extensive experience planning, leading, and executing advanced penetration testing and red team operations across complex federal IT environments. This individual will serve as the technical lead for SBA's penetration testing program, providing expert guidance on adversary simulation, vulnerability exploitation, and security control validation to help the agency identify and remediate security weaknesses before they can be exploited by real-world adversaries.

The Senior Lead Penetration Tester will serve as the primary technical lead for all penetration testing and offensive security activities supporting SBA's cybersecurity program, overseeing the full lifecycle of penetration testing engagements, red team operations, and adversary simulation exercises across SBA's enterprise environment. This individual will bring deep technical expertise, strong leadership capabilities, and a comprehensive understanding of adversary TTPs to drive a high-quality, mission-focused penetration testing program that meaningfully strengthens SBA's security posture.

Principal responsibilities will include but are not limited to:
* Lead the end-to-end planning, scoping, coordination, execution, and reporting of advanced penetration testing engagements across all components of SBA's enterprise IT environment, including network infrastructure, web applications, mobile applications, APIs, cloud environments, and supporting systems and services.
* Design and execute sophisticated red team operations and adversary simulation exercises that realistically emulate the tactics, techniques, and procedures (TTPs) of advanced persistent threat (APT) actors, nation-state adversaries, and other sophisticated threat actors known to target federal civilian agencies.
* Conduct advanced exploitation of vulnerabilities identified during penetration testing engagements, including privilege escalation, lateral movement, persistence establishment, credential harvesting, and data exfiltration, to accurately demonstrate the real-world impact and exploitability of identified security weaknesses.
* Develop and maintain a comprehensive, documented penetration testing methodology, program charter, and rules of engagement (ROE) for SBA's penetration testing program, ensuring alignment with industry best practices and federal security requirements including NIST SP 800-115 and applicable CISA guidance.
* Produce detailed, high-quality penetration test reports and executive-level briefings documenting engagement scope, methodologies, technical findings, exploitation evidence, risk ratings, attack narratives, and prioritized, actionable remediation recommendations tailored to both technical and non-technical SBA audiences.
* Collaborate with SBA security leadership, the Cybersecurity Architect, SOC teams, and system owners to communicate penetration testing findings, validate remediation efforts through retesting activities, and provide expert guidance on the prioritization and resolution of identified vulnerabilities and security control gaps.
* Conduct web application penetration testing in accordance with industry frameworks and standards including the OWASP Testing Guide and OWASP API Security Top 10, identifying and exploiting vulnerabilities including injection flaws, broken authentication, cross-site scripting (XSS), insecure direct object references (IDOR), business logic flaws, and other advanced application security…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary