
Lead Penetration Tester
Jobs via Dice • Maryland, United States
Salary: $100,000 to $200,000 per year
Role & seniority: Lead Penetration Tester (senior cybersecurity role)
Stack/tools: Penetration testing tools; Burp Suite, WebInspect, AppDetective; Kali Linux; RMF; Cyber Kill Chain; programming/scripting: Java, XML, Perl, HTML, Python, PowerShell, C, JavaScript; web app and network/endpoint security testing; incident response support
Top 3 responsibilities: 1) Conduct internal/external penetration tests and identify vulnerabilities with remediation guidance; 2) Perform web application pentests, vulnerability risk assessments, and physical/social engineering tests; 3) Define security requirements, review architectures, coach teams, and support incident response; collaborate with systems/test/integration teams to ensure secure deployments
Must-have skills: U.S. Citizenship + active TS/SCI with Polygraph; hands-on pentesting experience; web app and physical pentests; familiarity with Burp Suite, WebInspect, AppDetective; Kali Linux; RMF; Cyber Kill Chain; strong collaboration and multi-project management; ability to develop mitigation strategies
Nice-to-haves: Bachelor’s in technical field; 12+ years of experience; certifications (GWAPT, GPEN, CEH, CISM, GWEB, CISSP); experience in security services design (network pentesting, antivirus planning, risk analysis, incident response); experience supporting application development security and firewall evaluations
Location & work type: Annapolis Junction, Maryland, USA; Full-Time; Day shift; On-site (no telewor
Full Description
Dice is the leading career destination for tech experts at every stage of their careers. Our client, CCS Global Tech, is seeking the following. Apply via Dice today!
CCS Global Tech is a rapidly growing Information Technology company with a diverse portfolio of technology products and services and a large network of industry partnerships. With over 22 years of being a successful business with a global talent pool and presence, CCS is a certified Microsoft Gold Partner and specializes in delivering expert Microsoft-based solutions for technical and business needs. We have been recognized by Inc. 500 Magazine as one of the fastest growing small companies in the United States.
We are a Tier 1 vendor for the City and County of San Francisco for Cloud Services, Staffing Services and Training Services. For this multi-year opportunity with a diverse set of needs to address, we are currently focusing on establishing partnerships with individuals as well as companies who can help us enhance our overall service portfolio, cut lead times, and ultimately help us deliver successfully. We currently hold sizable Government accounts in the San Francisco Bay Area including City and County of San Francisco, San Mateo County, and Santa Clara County.
We take great pride in our global reach and local influence. Your experience alongside our highly skilled and talented internal team, who guide you along the way, offers key insights into what helps you stand out in a competitive job market.
If you are a partner company, please submit resumes with contact information of your own W2 Consultants only. Submitted consultants are expected to have excellent communication skills.
Location: Annapolis Junction, Maryland, USA
Job Type: Full-Time
Shift: Day
Telework: None
Salary Range: $100,000 to $200,000 per year
Starting salary is based on minimum education and years of experience and increases based on education and/or experience.
Overview: Lead the offense to strengthen the defense. Seeking a highly skilled lead penetration tester to join a top-tier Agile cybersecurity team focused on securing complex, enterprise-scale environments. In this role, you'll spearhead offensive security assessments across networks, applications, endpoints, cloud services, and mission-critical systems, simulating real-world adversaries to uncover vulnerabilities before they can be exploited. You'll collaborate closely with cyber SMEs, engineers, and leadership to shape penetration testing strategies, guide remediation, and influence enterprise-level security posture. Your work will directly safeguard interconnected infrastructures, including LAN/WAN environments, public-facing assets, commercial internet gateways, servers, and user platforms. If you thrive in advanced threat emulation, enjoy unraveling complex technical challenges, and want your expertise to drive major cybersecurity decisions, this is a standout opportunity to lead and innovate.
Security Clearance Requirements
This position requires all candidates to be U.S. Citizens and possess an active TS/SCI Security Clearance with a Polygraph.
Responsibilities
- Conduct internal and external penetration tests to identify vulnerabilities and recommend mitigation strategies.
- Perform web application penetration tests.
- Execute vulnerability risk assessments.
- Conduct physical penetration tests and social engineering exercises.
- Support cyber incident response activities as needed.
- Assess the security impact of new system developments or changes.
- Review, evaluate, and test mission critical software for security weaknesses.
- Define security compliance requirements for new system capabilities.
- Identify and remediate vulnerabilities across the system lifecycle.
- Audit and assess system security configurations using industry standard tools and methodologies.
- Coach development teams to improve understanding of vulnerabilities, attack vectors, and mitigation techniques.
- Collaborate with Systems, Test, and Integration Engineering teams to ensure architecture meets stringent security requirements.
- Develop, implement, and enforce security policies, standards, and methodologies.
- Serve as a security SME to Program Managers, technical experts, and internal teams.
Qualifications
Required Skills & Experience
- Hands on experience using penetration testing tools.
- Experience in web development and programming languages (Java, XML, Perl, HTML).
- Experience with programming/scripting (Python, PowerShell, C, JavaScript, etc.).
- Extensive IT security risk assessment experience.
- Experience performing web application and physical pentests.
- Familiarity with web app security tools (Burp Suite, WebInspect, AppDetective).
- Familiarity with Kali Linux and IPS/IDS solutions.
- Strong understanding of the Cyber Kill Chain methodology.
- Experience applying the Risk Management Framework (RMF).
- Experience securing desktop and server OS configurations.
- Ability to collaborate with technical teams and customers to develop mitigation strategies.
- Ability to manage multiple projects and adapt to changing priorities.
Preferred Qualifications
Bachelor's degree in a technical/information assurance field and 12+ years of experience.
One or more of the following certifications strongly preferred:
- GIAC Web Application Penetration Tester (GWAPT)
- GIAC Penetration Tester (GPEN)
- CEH, CISM, GWEB, CISSP
Extensive experience designing and implementing integrated security services, including:
- Network penetration testing
- Antivirus planning
- Risk analysis
- Incident response
Experience supporting application development security, including system certifications and firewall evaluations.