×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Analyst

Vulnerability Assessment​/Penetration Testing Specialist - Contingent

Job in Bethesda, Montgomery County, Maryland, 20811, USA
Listing for: ARETUM Holdings LLC
Full Time position
Listed on 2026-01-17
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Analyst
Job Description & How to Apply Below
Position: Vulnerability Assessment / Penetration Testing Specialist - Contingent

Description

Public Trust Eligibility Required

This is a contingent position, meaning employment is dependent upon the successful award of the associated contract to Aretum and completion of any required background investigation or security clearance verification.

About Aretum

Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront.

Job Summary

The Vulnerability Assessment / Penetration Testing Specialist performs security testing of government systems to identify vulnerabilities, validate exploitability/impact, and provide clear remediation guidance. This role supports planned, rules-based security testing and examination activities aligned to recognized practices for technical security testing and assessment, with a strong focus on producing defensible, actionable results.

Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.

Responsibilities
  • Perform vulnerability assessments and penetration testing of government systems and applications in accordance with approved rules of engagement and testing plans
  • Execute technical testing activities (e.g., reconnaissance, scanning, enumeration, validation/exploitation where authorized) and document evidence, risk, and impact
  • Assess systems and networks to identify deviations from acceptable configurations and security policy, and translate findings into prioritized remediation actions
  • Support secure network design reviews by analyzing network architecture, trust boundaries, segmentation, and exposed services to identify risk and attack paths
  • Contribute to project delivery by estimating effort, tracking tasks, communicating blockers, and supporting status reporting and deliverable timelines
  • Produce high-quality technical write-ups and executive-ready summaries, including reproduction steps, affected assets, severity rationale, and remediation recommendations
  • Retest/validate remediation and provide closure evidence for resolved vulnerabilities as required by the engagement and client process
  • Maintain careful handling of sensitive information and ensure testing remains ethical, authorized, and auditable
Requirements
  • Minimum 3 years of experience performing vulnerability assessments and/or penetration testing
  • Demonstrated experience in project management, network design, and testing the security of government systems to identify vulnerabilities
  • Working knowledge of common testing methodologies and security testing lifecycle concepts (planning, execution, analysis, and mitigation support)
  • Ability to clearly document findings with strong technical writing and evidence-based reporting
  • Familiarity with Windows/Linux fundamentals, TCP/IP networking, and common enterprise services (AD, DNS, web apps, APIs, VPNs)
  • Web application security testing experience aligned to OWASP testing practices
  • Experience working in federal or similarly regulated environments with strict authorization, documentation, and evidence requirements
Preferred Qualifications
  • Bachelor s degree in information systems, Computer Science, Engineering or related field
  • Preferred

    Certifications:
    • GIAC Web Application Penetration Tester (GWAPT)
    • Certified Ethical Hacker (CEH)
    • GIAC Systems and Network Auditor (GSNA)
    • Certified Penetration Tester (CPT)
    • Certified Expert Penetration Tester (CEPT)
    • GIAC Certified Web Application Defender (GWEB)
    • Offensive Security Certified Professional (OSCP)
    • CREST Penetration Testing Certifications
Travel Requirements

This is a hybrid position, with work performed both remotely and at designated client or corporate locations, as needed. Travel requirements may vary depending on project assignments, client meetings, or internal collaboration and will be…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search