Penetration Tester

Washington, DC


Makpar is an award winning cybersecurity consultant specializing in IT modernization for the Federal government. We solve difficult problems with resolve.

View company page

Who we are:

Makpar is a team of innovators and consultants deploying cutting edge technologies for the federal government. We help our clients achieve their business and operational goals by solving complex problems through experience and intellect and build sustainable solutions that last. If you are driven and looking to tackle complex and critical client challenges, Makpar can provide a dynamic, mission focused, and rewarding environment for your professional growth.
Our service offerings include Cybersecurity, Cloud Migration, IT Project Management, Agile Transformation, DevSecOps, Identity, Credential, and Access Management (ICAM), and Health IT. We are proud to be a Great Place to Work™ certified four years in a row. Recent awards include Fortune Top 100 Small Place to Work, Inc 5000, and Inc Best in Business. In 2019, we were awarded the SBA Subcontractor of the Year Award (Region 3) for our program management and Agile development work at the IRS. 

Position Title:
Penetration Tester

The Position:
Makpar has an exciting opportunity for a highly skilled and motivated Penetration Tester to join our team responsible for enhancing the cybersecurity posture for a major Federal Civilian Agency. Your primary responsibility will be to support the agency’s mission by identifying and resolving security vulnerabilities affecting the Agency’s online presence, it’s digital assets and computer networks through highly effective penetration testing.

Role Specific Duties:

  • Perform network and application penetration tests to identify vulnerabilities and weaknesses in the infrastructure and applications.
  • Simulate insider threats to test detection and response capabilities, ensuring the agency is prepared to handle internal security risks.
  • Develop penetration test plans, rules of engagement, and reports to provide clear documentation of findings, recommendations, and actions taken.
  • Conduct thorough penetration testing of high-priority systems, emulating threat-based attacks.
  • Identify and analyze security vulnerabilities, paying special attention to systems handling sensitive and confidential information.
  • Utilize DAST tools to perform web application vulnerability scans, enabling timely detection and remediation of security weaknesses.
  • Collaborate with Applications Development teams to provision developers and integrate security tools into the CI/CD pipeline, facilitating automated developer verification of software vulnerabilities.

Required Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or a related field (Master's preferred).
  • Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or other relevant certifications preferred.
  • Strong knowledge of cybersecurity principles, practices, and tools. Understanding of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, mitm, covert channels, secure tunneling and exfiltration techniques.
  • A mastery of scripting and reading exploits written in various programming languages
  • Execute advanced ethical hacking concepts.
  • Proficiency with Python and Java and other programming languages.
  • Proficiency in using tools such as Kali Linux and Windows OS, experience with both commercial and non-commercial post-exploitation frameworks, scripting and programming languages (e.g., PowerShell, Python, Go, Java), expertise in Active Directory and related analysis tools, knowledge of endpoint and network detection evasion techniques, and the ability to compile and modify open-source software for offensive and defensive cybersecurity purposes.
  • Experience with DevSecOps practices and CI/CD pipelines.
  • Excellent communication skills and the ability to work collaboratively with cross-functional teams.
  • Strong problem-solving skills and attention to detail.
  • Ability to obtain and maintain necessary security clearances.
  • Candidates must be a US Citizen or a Legal Permanent Resident (Green Card status) for 3 years and be Federal Tax compliant. 

At Makpar Corporation we understand that we all need to balance work and life – that is why we have a great benefits package, excellent training and career development opportunities, flexible work schedules along with a generous compensation package. At Makpar, we believe in keeping our employees happy, healthy and engaged. We pride ourselves in providing outstanding benefits, creating environments where employees are encouraged to be themselves, collaborate, and be inquisitive in order to achieve goals.

Start your career today and be a part of something meaningful!

Makpar is an Equal Opportunity / Affirmative Action employer.
Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Active Directory Agile CEH CI/CD CISSP Cloud Computer Science DAST DevSecOps Ethical hacking Exploits Java Kali Linux Pentesting PowerShell Python Scripting Vulnerabilities Vulnerability scans Windows

Perks/benefits: Career development Health care Startup environment

Region: North America
Country: United States
Job stats:  31  3  0
Category: PenTesting Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.