Senior Penetration Tester

Job
Description:

George Consulting is
seeking a Senior Penetration Tester that will lead advanced offensive security
assessments in support of Department of Defense (DoD) cybersecurity missions.
The role involves planning and executing penetration tests, identifying and
exploiting complex vulnerabilities, providing strategic recommendations, and
supporting RMF authorization activities. The ideal candidate is a technical
leader with extensive hands-on testing experience and a strong understanding of
DoD cybersecurity frameworks, tools, and compliance requirements.

Roles and
Responsibilities:

* Lead
and execute penetration testing engagements on DoD networks, systems,
applications, and cloud environments.

* Identify,
exploit, and validate vulnerabilities using manual and automated techniques.

* Develop
and present proof-of-concept exploits demonstrating operational and mission
impact.

* Produce
detailed technical reports and executive briefings outlining findings and
remediation recommendations.

* Support
RMF and eMASS documentation, providing risk analysis and testing evidence.

* Advise
system owners and cybersecurity teams on remediation strategies and defensive
improvements.

* Mentor
junior testers and contribute to red team methodology development.

* Stay
current on adversary TTPs, emerging threats, and DoD cybersecurity standards.

* Able
to work independently with limited direction and be self-motivated.

* Able
to work with other contractor teammates and customers daily.

* Able
to work closely with customers to ensure deliverables meet their expectations
and arrive in a timely manner.

* Attend
and actively participate in team meetings.

THIS
POSITION REQUIRES AN ACTIVE DEPARTMENT OF DEFENSE TOP SECRET OR SECRET SECURITY
CLEARANCE.

Required Skills &
Experience:

* Active DoD Secret clearance (TS/SCI
preferred).

* Bachelor's degree in Cybersecurity,
Computer Science, or related field (or equivalent experience).

* 5+ years of penetration testing or
offensive security experience, including leading engagements.

* Current DoD 8570.01-M IAT Level III
or CSSP Analyst/Tester certification (e.g., CASP+, CISSP, CEH, OSCP, GPEN,
GXPN).

* Advanced proficiency with tools such
as Kali Linux, Metasploit, Burp Suite, BloodHound, Cobalt Strike, Nmap, and
Nessus.

* Strong knowledge of Windows/Linux
systems, Active Directory, network protocols, and cloud/virtualized
environments.

* Experience with DISA STIGs,
HBSS/ACAS, and DoD cyber ranges.

* Familiarity with Zero Trust
architectures and DoD cybersecurity reference models.

* Scripting or development skills in
Python, PowerShell, or Bash.

* Experience with exploit development,
reverse engineering, or ICS/SCADA testing.

* Prior support to major DoD program
offices (e.g., NIWC, NAVAIR, PMA).

* Experience mentoring or managing
technical teams.

* Excellent written and verbal
communication skills, including briefing senior leadership.