Job Title: Senior Security Test & Evaluation Analyst
Location: Washington, DC
Job Type: Contract
We are seeking an experienced Senior Security Test & Evaluation Analyst to lead comprehensive security testing and assessment efforts for both on-premises and cloud environments. This role requires in-depth knowledge of ethical hacking, system vulnerabilities, and mitigation strategies to ensure robust protection of critical infrastructure and sensitive data.
Execute end-to-end security testing across all phases of the ethical hacking lifecycle (reconnaissance, footprinting, scanning, exploitation, and post-exploitation).
Conduct thorough security assessment activities including static/dynamic code reviews, architecture diagram analysis, and control evaluations.
Perform scenario-based and functional security testing under both authenticated and unauthenticated conditions.
Analyze testing data to identify security vulnerabilities and develop actionable mitigation strategies.
Emulate advanced threat actors to assess system resilience across local and cloud environments.
Minimum of 5 years of experience in security testing and evaluation.
Proven expertise in conducting full-scope security tests and assessments simulating real-world cyber threats.
Strong understanding of:
Network protocols and configurations
Security technologies and industry best practices
Local and cloud-based system security (Windows, Linux, macOS, network devices, APIs, web apps)
Practical experience identifying and exploiting vulnerabilities such as SQL injection, XSS, and CSRF.
Skilled in system hardening, database security, and web application security techniques.
CISSP – Certified Information Systems Security Professional
OSCP – Offensive Security Certified Professional
GPEN – GIAC Penetration Tester
Or equivalent certifications demonstrating penetration testing expertise