2025-08-12
Core4ce
Other
/yr
employee
contract
Washington
District of Columbia
20001
United States
Core4ce
Penetration Tester - Level II (SD)
893-383
As a Penetration Tester - Level II, you will contribute directly to the security posture of both government and commercial clients by identifying vulnerabilities, simulating real-world cyberattacks, and supporting the development of custom software tools that enhance our testing capabilities. You’ll work alongside senior assessors and cybersecurity engineers to conduct assessments, emulate advanced threats, and help improve defensive strategies through technical innovation and automation using Python, Ruby, and C/C++.
This is an exciting opportunity to grow your cybersecurity and software development skills in a collaborative, mission-driven environment where innovation and continuous learning are strongly encouraged.
Duties and Responsibilities:
Working under the guidance of senior team members and in support of the Department of Defense (DoD), you will:
Conduct Penetration Tests – Perform internal and external penetration testing across networks, applications, and systems to uncover exploitable weaknesses.
Exploit Development – Participate in vulnerability research and help develop custom exploits or proof-of-concept attacks under supervision.
Red and Purple Team Exercises – Assist in the planning and execution of simulated adversarial scenarios and collaborative testing with blue teams.
Technical Reporting – Draft detailed technical reports and executive summaries to document findings, explain risks, and propose remediation steps.
Advanced Analysis Support – Support malware analysis, reverse engineering, and behavioral analysis efforts as needed, using offline or sandbox environments.
Client Engagement – Participate in customer briefings, help define test objectives, and communicate findings in a professional manner.
Develop Custom Tools – Contribute to the creation and testing of penetration testing utilities, automation scripts, and internal tools using Python, Ruby, and C/C++.
Travel – May require occasional travel to client sites.
Qualifications:
Bachelor’s degree in a relevant field or equivalent experience.
3–7 years of hands-on experience in cybersecurity, with at least 3+ years focused on penetration testing or offensive security.
Active DoD 8570 IAT Level II or greater certification.
At least one relevant certification such as OSCP, GPEN, GWAPT, OSWA, or equivalent.
Strong understanding of network protocols, security controls, and common vulnerabilities.
Experience with web application testing, API testing, and infrastructure assessments.
Familiarity with tools such as Nmap, Burp Suite, Metasploit, Cobalt Strike, or Kali Linux.
Programming or scripting proficiency in Python, Ruby, and/or C/C++.
Understanding of attack frameworks such as MITRE ATT&CK.
Preferred Experience:
Experience developing or customizing tools and scripts to automate penetration testing tasks.
Familiarity with red/purple team methodologies.
Basic knowledge of reverse engineering or malware analysis.
Participation in CTFs, bug bounties, or independent security research.
Additional Information:
Our company also supports commercial cybersecurity initiatives outside of the DoD. Mid-level team members may be invited to participate in these projects based on their interests and technical strengths, including efforts to build and refine internal penetration testing tools using Python, Ruby, and C/C++.
Why Work for Us?
Core4ce is a team of innovators, self-starters, and critical thinkers—driven by a shared mission to strengthen national security and advance warfighting outcomes.
We offer:
Join us to build a career that matters—supported by a company that invests in you.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.
PI277228470
