Senior Security Test & Evaluation Analyst - ITAJS


IT - DC - Washington, DC
Washington, District of Columbia
Locations: Washington, Capitol Hill, Georgetown, Logan Circle
Posted On: August 12, 2025
Last Day to Apply: August 26, 2025
Pay: $60.00 to $70.00 per hour

Job Title: Senior Security Test & Evaluation Analyst
Location: Washington, DC
Job Type: Contract

Job Overview:

We are seeking an experienced Senior Security Test & Evaluation Analyst to lead comprehensive security testing and assessment efforts for both on-premises and cloud environments. This role requires in-depth knowledge of ethical hacking, system vulnerabilities, and mitigation strategies to ensure robust protection of critical infrastructure and sensitive data.

Responsibilities:

  • Execute end-to-end security testing across all phases of the ethical hacking lifecycle (reconnaissance, footprinting, scanning, exploitation, and post-exploitation).

  • Conduct thorough security assessment activities including static/dynamic code reviews, architecture diagram analysis, and control evaluations.

  • Perform scenario-based and functional security testing under both authenticated and unauthenticated conditions.

  • Analyze testing data to identify security vulnerabilities and develop actionable mitigation strategies.

  • Emulate advanced threat actors to assess system resilience across local and cloud environments.

Required Qualifications:

  • Minimum of 5 years of experience in security testing and evaluation.

  • Proven expertise in conducting full-scope security tests and assessments simulating real-world cyber threats.

  • Strong understanding of:

    • Network protocols and configurations

    • Security technologies and industry best practices

    • Local and cloud-based system security (Windows, Linux, macOS, network devices, APIs, web apps)

  • Practical experience identifying and exploiting vulnerabilities such as SQL injection, XSS, and CSRF.

  • Skilled in system hardening, database security, and web application security techniques.

Certifications (At least one required):

  • CISSP – Certified Information Systems Security Professional

  • OSCP – Offensive Security Certified Professional

  • GPEN – GIAC Penetration Tester

  • Or equivalent certifications demonstrating penetration testing expertise
