Senior Penetration Testing Analyst

This Department of War enterprise data and analytics program delivers mission-critical capabilities that enable leaders across the Department to make faster better-informed decisions using trusted data at scale. Leidos Digital Modernization sector is seeking an experienced Senior Penetration Testing Analyst Lead to support the delivery enhancement and adoption of enterprise data and analytics products used across multiple DoD organizations.

In this role you will work alongside government partners engineers and other industry teammates to translate operational and strategic requirements into scalable production-ready solutions. You will contribute directly to product planning execution and continuous improvementhelping ensure capabilities are delivered efficiently aligned to mission priorities and positioned for sustained success.

This position offers the opportunity to work on a high-visibility enterprise program at the intersection of data analytics and emerging AI technologies. Ideal candidates are motivated by mission impact comfortable operating in complex stakeholder environments and interested in building deep domain expertise while delivering capabilities with real-world national security outcomes.

Primary Responsibilities:

• Conduct penetration testing and vulnerability assessments across applications infrastructure and cloud environments.
• Support planning and execution of penetration testing events in coordination with Government and authorized testing organizations.
• Identify analyze and document vulnerabilities misconfigurations and security weaknesses.
• Develop detailed findings including risk assessments and recommended remediation actions.
• Support validation of remediation efforts and closure of identified vulnerabilities.
• Assist in integrating penetration testing findings into RMF processes including updates to SSPs POA&Ms and BOE artifacts.
• Support continuous monitoring activities by identifying recurring vulnerabilities and systemic risks.
• Utilize security tools (e.g. Nessus Nmap Burp Suite Metasploit or similar) to conduct testing and analysis.
• Collaborate with cybersecurity engineers DevSecOps teams system engineers and ISSOs to improve system security.
• Contribute to cybersecurity reporting dashboards and documentation for Government stakeholders.
• Support audit and inspection activities by providing penetration testing results and supporting documentation.
• Participate in SAFe ceremonies including PI Planning backlog refinement sprint reviews and retrospectives.

Basic Qualifications:

• Active Top Secret (TS) clearance with SCI eligibility.
• Bachelors degree in Cybersecurity Computer Science Information Assurance Engineering or related technical discipline OR equivalent training/experience aligned to DoD 8140 pathways.
• At least one of the following foundational qualification pathways consistent with DoD 8140 requirements:
  • Current DoD 8570/8140 baseline certification appropriate for Intermediate Cyber Defense Analyst roles (e.g. CySA GCDA GCIH or equivalent)
  • Offerings listed in the DoD 8140 Training Repository
  • Demonstrated equivalent training and experience qualifying under DoD 8140 foundational qualification alternatives.
• 812 years of relevant experience in cybersecurity penetration testing or vulnerability assessment.
• Minimum of 5 years of experience in penetration testing or related cybersecurity roles.
• At least 2 years of experience in one or more of the following:
  • Incident detection and response
  • Malware analysis
  • Cyber forensics
• Proficiency with at least three of the following tools:
  • Kali Linux
  • Metasploit
  • Burp Suite
  • Cobalt Strike
  • Tenable Nessus
  • WebInspect
  • Scuba
  • AppDetective
• Proven experience in planning coordinating and conducting penetration tests.
• Strong understanding of penetration testing tools techniques and methodologies.
• Experience working with DoD or Government penetration testing organizations.
• Ability to interpret and communicate penetration test results to technical and non-technical stakeholders.
• Experience in scheduling and managing remediation actions based on penetration test findings.
• Excellent communication and interpersonal skills.

Preferred Qualifications:

• Active TS/SCI clearance.
• Advanced certifications such as OSCP CEH CISSP or similar.
• Experience with the System or similar DoD data analytics and AI platforms.
• Familiarity with DoD cybersecurity policies standards and guidelines.
• Experience in a systems engineering or software development environment.
• Knowledge of cloud-based data analytics and AI capabilities.
• Strong problem-solving and analytical skills.
• Experience in a customer-facing role with a focus on customer success and outreach.

If youre looking for comfort keep scrolling. At Leidos we outthink outbuild and outpace the status quo because the mission demands it. Were not hiring followers. Were recruiting the ones who disrupt provoke and refuse to fail. Step 10 is ancient history. Were already at step 30 and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.