Description

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainable. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.

If this sounds like the kind of environment where you can thrive, keep reading!

The Digital Modernization Sector brings together our digital transformation and IT programs, allowing us to better serve our customers through scale and repeatability.

The mission of the DHS Chief Information Security Officer Directorate (DHS CISOD) is to support the Department’s implementation of all applicable regulatory requirements-including the Federal Information Security Modernization Act (FISMA), relevant OMB circulars, Executive Orders, Federal laws, directives, policies, and regulations-while providing the Department of Homeland Security (DHS) a secure and trusted computing environment. Information security is an essential business function, critical to enabling DHS to conduct its operations and deliver service to the public.

We are seeking a Senior Penetration Tester to join our DHS cybersecurity team. This role will support penetration testing operations across applications, networks, and enterprise environments. The ideal candidate will bring deep technical expertise, proven experience in vulnerability research and exploitation, and the ability to work as part of a collaborative offensive security team.

Primary Responsibilities:

• Conduct penetration testing operations in accordance with DHS and industry best practices.

• Perform web application, network, and infrastructure testing using both commercial and open-source tools.

• Safely execute testing activities under defined operational guidance.

• Document findings in detailed reports with actionable remediation recommendations.

• Collaborate with SOC, engineering, and defensive security teams to validate and remediate vulnerabilities.

• Contribute to tool development, methodology refinement, and knowledge-sharing across the team.

Required Qualifications

• Bachelor’s degree in a related discipline and 12 years of professional experience or Master’s degree and 10 years of professional experience.

• Minimum of 3 years of experience in at least one of the following areas: incident detection and response, malware analysis, or cyber forensics.

• Experience with at least 3 of the following tools:

• Kali Linux
• Metasploit
• Burp Suite
• Nmap
• Cobalt Strike
• Tenable Nessus
• WebInspect
• Scuba
• AppDetective

• Must hold one or more of the following certifications: GPEN, GWAPT, GISF, GXPN, OSCP, OSCE, OSWP, OSEE, CISSP, or CEH.

• U.S. Citizenship required; must be able to obtain DHS Public Trust and EOD clearance.

Preferred Qualifications:

• Prior DHS IT security or audit experience.
• Previous system administration experience.
• 7+ years of IT experience in a Computer Science discipline.

At Leidos, we don’t want someone who "fits the mold"-we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, “what’s next?” before the dust settles on “what’s now.”

If you’re already scheming step 20 while everyone else is still debating step 2... good. You’ll fit right in.

Original Posting:
September 11, 2025

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:
Pay Range $126,100.00 - $227,950.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

#Remote