A

Junior-Level Red Cell Penetration Tester

AGR LLC Beltsville, Maryland, United States

onsitefull-time

Salary: $60,000 - $70,000 / year

Posted Nov 12, 2025

Role & seniority

  • Jr Cyber Penetration Tester (entry to junior level)

Stack/tools

Penetration testing: Metasploit, Burp Suite, Nmap

Scripting/automation: Bash, Python, PowerShell, JavaScript (for tool development)

Networking basics: routing, switching, device configurations

Security frameworks: NIST SP 800-115, NIST 800-53 CA-8, PTES, ISSAF (in practice)

Top 3 responsibilities

  • Support the Red Cell Penetration Testing Team; assess and report on system security and vulnerabilities

  • Conduct penetration testing of systems (including cloud) and assist in mitigation; align with security controls

  • Maintain Red Cell infrastructure; assist incident response with capability enhancement and reporting; develop/modify discovery/exploitation tools

Must-have skills

  • Bachelor’s degree (or 1 year related experience; or 4 years may substitute for degree)

  • Fundamental networking and security principles; evaluate system security configurations

  • Knowledge of common web app vulnerabilities (SQLi, XSS, CSRF, HTTP Flood)

  • Experience with penetration testing tools (Metasploit, Burp Suite, Nmap)

  • Ability to analyze findings, perform root cause analysis, and work solo or in small teams

  • Certifications: one of CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, or SCYBER

  • U.S. citizenship; active Secret clearance required

Nice-to-haves

  • Active Top Secret or TS/SCI clearance

Location & work type

Location: Rosslyn, VA

Telework: Situational; must be loca

Full Description

Internetwork Consulting Services (ICS) is currently seeking a Jr Cyber Penetration Tester to become part of our Federal Strategic Cyber Group.

Location: Rosslyn, VA. Situational Telework. Must be local to the job site.

Program Overview

The DSCM program encompasses cyber security, data analytics, engineering, technical, managerial, operational, logistical and administrative support to aid and advise DOS Cyber & Technology Security (CTS) Directorate.  This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats.  Those supporting the DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges.

About the Role

  • Support the Penetration Testing (Red Cell) Team.
  • Assess the current state of the customer’s system security by identifying all vulnerabilities and security measures.
  • Help customers perform analysis and mitigation of security vulnerabilities.
  • Perform and report on penetration testing of systems, including cloud, to satisfy the NIST 800-53 CA-8 security control and using methodologies that may include, NIST SP 800-115, Penetration Testing Execution Standard (PTES), and Information Systems Security Assessment Framework (ISSAF).
  • Stay abreast of current attack vectors and unique methods for exploitation of computer networks.
  • Provide support to incident response teams through capability enhancement and reporting.
  • Assist in maintaining Red Cell infrastructure.
  • Develop or modify tools that automate discovery or exploitation (e.g. bash, Python, JavaScript, PowerShell).

Qualifications

  • Bachelor's degree and 1 year of related experience or additional 4 years may be considered in lieu of the degree requirement.
  • Basic understanding of networking and security principles.
  • Experience with evaluating system security configurations.
  • Understand common Web Application vulnerabilities like SQLi, XSS, CSRF, and HTTP Flooding.
  • Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, etc.
  • Fundamentals of network routing & switching and assessing network device configurations.
  • Familiarity in evaluating findings and performing root cause analysis.
  • Demonstrated ability to work alone and/or within a small group.

* Must process and maintain ONEof the listed certifications below

    • CCNA Cyber Ops, CCNA-Security, CEH, CFR, Cloud+, CySA+, GCIA, GCIH, GICSP, or SCYBER
    • U.S. citizenship required.
    • Active Secret security clearance.

Preferred

  • Active Top Secret or TS/SCI.
Penetration TestingVulnerability AssessmentSecurity MitigationCloud TestingNIST 800-53NIST SP 800-115PTESISSAFIncident ResponseRed Cell InfrastructureBashPythonJavaScriptPowerShellNetworkingWeb Application Vulnerabilitiesmulti-location

Cookies & analytics consent

We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.

Read how we use data in our Privacy Policy and Terms of Service.