The Role
Perform enterprise penetration tests (internal/external network, web apps, cloud, OS, wireless, AD), simulate real-world attacks, exploit vulnerabilities, validate controls, document findings, prepare test plans, and provide Red Team support.
Summary Generated by Built In
cFocus Software seeks a Penetration Tester to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
Duties:
Qualifications:
- Public Trust Clearance
- B.S. Computer Science, Information Technology, or a related field
- 5+ years of experience conducting penetration testing or offensive cybersecurity operations.
- Experience performing enterprise penetration testing.
- Experience with network and application security assessments.
- Experience documenting technical security findings.
- Ability to obtain and maintain NIH suitability/background investigation.
- Active OSCP, OSEP, GPEN, GXPN, CEH, PenTest+, or CISSP
Duties:
- Conduct enterprise penetration testing activities including:
- Perform internal and external network penetration testing.
- Conduct web application penetration testing.
- Execute infrastructure security testing.
- Perform cloud penetration testing.
- Conduct operating system security assessments.
- Perform wireless security testing.
- Assess Active Directory security.
- Conduct application security testing.
- Simulate real-world cyberattacks using industry-standard offensive security methodologies.
- Perform controlled exploitation activities to identify security weaknesses.
- Validate effectiveness of implemented security controls.
- Identify attack paths and privilege escalation opportunities.
- Document technical findings and supporting evidence.
- Prepare comprehensive penetration testing plans
- Provide Red Team Support
Skills Required
- Public Trust clearance or ability to obtain one
- B.S. in Computer Science, Information Technology, or related field
- 5+ years conducting penetration testing or offensive cybersecurity operations
- Experience performing enterprise penetration testing (network, application, cloud, wireless, OS)
- Experience with network and application security assessments and documenting technical security findings
- Ability to obtain and maintain NIH suitability/background investigation
- Active OSCP, OSEP, GPEN, GXPN, CEH, PenTest+, or CISSP
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Established in 2006, cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint. cFocus Software is the exclusive vendor of ATO (Authority To Operate) as a Service™, which automates FedRAMP compliance for the Azure Government Cloud and Office 365. Contact Us for a demo of ATO as a Service™ or a FREE government chatbot proof of concept project today!









