Senior Penetration Tester

For more details, please connect with Kajal Verma at  or call at .

Job Title:

Senior Penetration Tester

Duration: 12 Months

Location:

Raleigh, NC (Hybrid)

Position Type:
Contract

Interview Type:
Both Phone and In Person

Client:
State of North Carolina

Department: NC DHHS Privacy and Security Office

The State of North Carolina NC DHHS Privacy and Security Office is seeking three (3) Senior Penetration Testers to conduct authorized penetration testing of network and infrastructure environments. The consultant will be responsible for identifying, validating, and demonstrating security weaknesses across enterprise systems and infrastructure. The role involves simulating advanced threat actor techniques, evaluating security configurations, and producing comprehensive penetration testing reports.

• Plan and execute internal and external penetration tests for network and infrastructure environments
• Perform vulnerability identification, validation, and controlled exploitation
• Assess security posture across:
  Network devices (firewalls, routers, switches), On-premise servers (Windows, Linux, Unix), Active Directory and identity infrastructure, Remote access solutions and VPN environments, Cloud environments where applicable
• Simulate advanced threat actor techniques, including:
  Privilege escalation, Lateral movement, Credential compromise, Persistence mechanisms
• Evaluate security configurations and control effectiveness
• Conduct testing in accordance with approved Rules of Engagement
• Prepare and deliver formal penetration testing reports for executive, audit, and technical audiences
• Support remediation validation and follow-up testing

• 7 10 years hands-on experience in penetration testing or offensive security
• Strong expertise in network and infrastructure security testing
• Deep understanding of: TCP/IP, DNS, DHCP, VPNs, Firewalls, IDS/IPS, Windows and Linux system internals, Active Directory attack paths and defenses
• Advanced proficiency with penetration testing tools such as:
  Nmap, Nessus, Metasploit, Burp Suite, Blood Hound, Net Exec, Ping Castle
• Experience producing formal penetration testing reports
• Familiarity with security frameworks including: NIST SP 800-53, NIST SP 800-115, NIST SP 800-61, MITRE ATT&CK, OWASP Testing Guide
• Experience working in regulated or high-security environments
• Strong understanding of legal, ethical, and compliance requirements for penetration testing

• Ability to travel occasionally within the state as required
• Valid driver's license may be required for county visits
• Strong documentation and reporting skills
• Ability to communicate technical findings to executive and non-technical stakeholders

V Group Inc. is a NJ-based IT Services and Products Company with its business strategically categorized in various Business Units including Public Sector, Enterprise Solutions, Professional Services, Ecommerce, Projects, and Products. Within the Public Sector business unit, we cater IT Professional Services to Federal, State and Local. We have multiple awards/contracts with 30+ states, including but not limited to NY, CA, FL, GA, MD, MI, NC, OH, OR, CO, CT, TN, PA, TX, VA, NM, VT, and WA.

Please share my contact information with others working in Information Technology.

Website:
Linked In:
Facebook:
Twitter: