Lead Penetration Tester TS / SCI Polygraph

Description

Lead Penetration Tester

Leidos has a new and exciting opportunity for a Lead Penetration Tester in our National Security Sector's (NSS) Cyber & Analytics Business Area (CABA) . Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytical Methods and Modeling, Signals Intelligence (SIGINT), and Cryptographic Key Management. At Leidos , we offer competitive benefits , including Paid Time Off, 11 paid Holidays, 401K with a 6% company match and immediate vesting, Flexible Schedules, Discounted Stock Purchase Plans, Technical Upskilling, Education and Training Support, Parental Paid Leave, and much more. Join us and make a difference in National Security!

Job Summary

Leidos is seeking a Lead Penetration Tester to join a high performing agile team using the Scaled Agile Framework (SAFe) methodology on a large, complex program that provides system engineering, development, test, integration and operational support. The selected candidate will work on a team of cyber Subject Matter Experts (SMEs) who are providing support to a large, complex technical program for preventing, identifying, containing and eradicating cyber threats to networks through monitoring, intrusion detection, and protective security services on information systems including local area networks / wide area networks (LAN / WAN), commercial Internet connections, public facing websites, security devices, servers and workstations. She / he will be responsible for the overall security of Enterprise-wide information systems, and will collect, investigate, and report any suspected and confirmed security violations.

Primary Responsibilities

Perform internal and external pentests against systems to determine vulnerabilities and develop mitigation strategies.

Perform web app pentests.

Perform vulnerability risk assessments.

Perform physical pentests and social engineering analysis.

Perform cyber incident response as needed.

Evaluate the impact of new development on the operational security posture of IT systems.

Evaluate, review, and test critical software.

Formulate security compliance requirements for new system features.

Identify and remediate security issues throughout the system.

Audit and assess system security configuration settings using common methodologies and tools.

Work with development teams to enrich team-wide understanding of different types of vulnerabilities, attack vectors, and remediation approaches.

Work closely with System Engineering, Test Engineering, and Integration teams to ensure hardware and software architecture and implementations meet strict security requirements.

Propose, assess, coordinate, implement, and enforce information systems security policies, standards, and methodologies.

Serve as a Subject Matter Expert in security architecture, to include providing advice to Program Managers, Customer technical experts, and internal program teams.

Basic Qualifications

Bachelor's degree in a technical / information assurance field and at least 12 years of prior relevant experience. Additional years of experience and / or cyber certifications may be considered in lieu of a degree.

Must have experience with penetration testing tools.

Must have experience in web development and programming languages such as Java, XML, Perl and HTML.

Must have experience with programming / scripting in Python, Powershell, C, JavaScript, etc.

Must have extensive experience performing IT security risk assessments.

Must have experience performing web app and physical pentests.

Must have experience with or strong familiarity of the following Web Application tools; Burp Suite, Web Inspect, Appdetective.

Must have experience with or strong familiarity of Kali.

Must have experience with or strong familiarity of IPS / IDS solutions.

Must have a strong understanding of the Cyber Kill Chain methodology.

Must have experience applying Risk Management Framework.

Must have experience with secure configurations of commonly used desktop and server operating systems.

Must have the ability to effectively collaborate with technical staff and customers to form mitigation strategies and plan for continuous modernization and legacy integration.

Must have experience managing multiple projects simultaneously and quickly and effectively adjusting to shifting priorities in resolving issues.

Preferred Qualifications

Certifications in one or more of the following areas strongly preferred :

GIAC Web Applications Penetration Tester (GWAPT)

GIAC Penetration Tester (GPEN)

Certified Ethical Hacker (CEH)

Certified Information Security Manager (CISM)

Certified Web Application Defender (GWEB)

Certified Information System Security Professional (CISSP)

Extensive experience developing / implementing integrated security services management processes, such as assessing and auditing network penetration testing, anti-virus planning assistance, risk analysis, and incident response.

Extensive experience providing information assurance support for application development that includes system security certifications and project evaluations for firewalls that encompass development, design, and implementation.

At Leidos , the opportunities are boundless. We challenge our staff with interesting assignments that allow them to thrive professionally and personally. For us, helping you grow your career is good business. We look forward to learning more about you - apply today.

careers.leidos.com / CONMD

CSSKEY

CONMD

At Leidos, we don't want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, "what's next?" before the dust settles on "what's now."

If you're already scheming step 20 while everyone else is still debating step 2... good. You'll fit right in.

Original Posting : November 4, 2025

For U.S. Positions : While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range :

Pay Range $126,100.00 - $227,950.00

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com / careers / pay-benefits .

Securing Your Data

Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com .

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.