Penetration Testing Government Jobs (NOW HIRING)

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster, better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced Senior Penetration Testing Analyst Lead to support the delivery, enhancement, and adoption of enterprise data and analytics products used across multiple DoD organizations.

In this role, you will work alongside government partners, engineers, and other industry teammates to translate operational and strategic requirements into scalable, production-ready solutions. You will contribute directly to product planning, execution, and continuous improvement-helping ensure capabilities are delivered efficiently, aligned to mission priorities, and positioned for sustained success.

This position offers the opportunity to work on a high-visibility, enterprise program at the intersection of data, analytics, and emerging AI technologies. Ideal candidates are motivated by mission impact, comfortable operating in complex stakeholder environments, and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Primary Responsibilities:

• Conduct penetration testing and vulnerability assessments across applications, infrastructure, and cloud environments.
• Support planning and execution of penetration testing events in coordination with Government and authorized testing organizations.
• Identify, analyze, and document vulnerabilities, misconfigurations, and security weaknesses.
• Develop detailed findings, including risk assessments and recommended remediation actions.
• Support validation of remediation efforts and closure of identified vulnerabilities.
• Assist in integrating penetration testing findings into RMF processes, including updates to SSPs, POA&Ms, and BOE artifacts.
• Support continuous monitoring activities by identifying recurring vulnerabilities and systemic risks.
• Utilize security tools (e.g., Nessus, Nmap, Burp Suite, Metasploit, or similar) to conduct testing and analysis.
• Collaborate with cybersecurity engineers, DevSecOps teams, system engineers, and ISSOs to improve system security.
• Contribute to cybersecurity reporting, dashboards, and documentation for Government stakeholders.
• Support audit and inspection activities by providing penetration testing results and supporting documentation.
• Participate in SAFe ceremonies including PI Planning, backlog refinement, sprint reviews, and retrospectives.

Basic Qualifications:

• Active Top Secret (TS) clearance with SCI eligibility.
• Bachelor's degree in Cybersecurity, Computer Science, Information Assurance, Engineering, or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.
• At least one of the following foundational qualification pathways consistent with DoD 8140 requirements:]
  • Current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst roles (e.g., CySA+, GCDA, GCIH, or equivalent),
  • Offerings listed in the DoD 8140 Training Repository,
  • Demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification alternatives.
• 8-12 years of relevant experience in cybersecurity, penetration testing, or vulnerability assessment.
• Minimum of 5 years of experience in penetration testing or related cybersecurity roles.
• At least 2 years of experience in one or more of the following:
  • Incident detection and response
  • Malware analysis
  • Cyber forensics
• Proficiency with at least three of the following tools:
  • Kali Linux
  • Metasploit
  • Burp Suite
  • Cobalt Strike
  • Tenable Nessus
  • WebInspect
  • Scuba
  • AppDetective
• Proven experience in planning, coordinating, and conducting penetration tests.
• Strong understanding of penetration testing tools, techniques, and methodologies.
• Experience working with DoD or Government penetration testing organizations.
• Ability to interpret and communicate penetration test results to technical and non-technical stakeholders.
• Experience in scheduling and managing remediation actions based on penetration test findings.
• Excellent communication and interpersonal skills.

Preferred Qualifications:

• Active TS/SCI clearance.
• Advanced certifications such as OSCP, CEH, CISSP, or similar.
• Experience with the System or similar DoD data, analytics, and AI platforms.
• Familiarity with DoD cybersecurity policies, standards, and guidelines.
• Experience in a systems engineering or software development environment.
• Knowledge of cloud-based data, analytics, and AI capabilities.
• Strong problem-solving and analytical skills.
• Experience in a customer-facing role, with a focus on customer success and outreach.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares.

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.