HHS - Penetration Tester

Remote Full-time
cFocus Software seeks a Penetration Tester to join our program supporting the Department of Health and Human Services (HHS) This position is remote. This position requires the ability a Public Trust clearance.
Qualifications:
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Minimum 5–8 years of experience performing penetration testing or offensive security assessments.
• Hands-on experience testing enterprise networks, applications, and cloud environments.
• Strong knowledge of attack techniques, exploitation frameworks, and post-exploitation methods.
• Experience with federal environments and vulnerability management programs preferred.
• Strong understanding of NIST SP 800-53, NIST SP 800-30, and vulnerability management processes.
• Excellent analytical, documentation, and communication skills.
• OSCP, GPEN, CEH, or GXPN preferred.
Duties:
• Plan, execute, and document penetration tests against networks, systems, web applications, APIs, databases, and cloud environments.
• Conduct internal, external, authenticated, unauthenticated, and adversary-simulation testing activities.
• Perform exploitation, post-exploitation, and privilege escalation to demonstrate real-world risk.
• Validate vulnerability scan findings and identify false positives and chained attack paths.
• Conduct application penetration testing aligned with OWASP Top 10 and NIST guidance.
• Support red team and purple team exercises in coordination with SOC and Incident Response teams.
• Analyze attacker techniques using MITRE ATT&CK and document TTPs and attack paths.
• Develop detailed penetration test reports including executive summaries, risk ratings, and remediation guidance.
• Provide technical remediation guidance to system owners, engineers, developers, and ISSOs.
• Validate remediation effectiveness through retesting and evidence review.
• Support compliance testing requirements related to FISMA, RMF, and continuous monitoring.
• Maintain strict rules of engagement, authorization documentation, and testing approvals.
• Ensure testing activities comply with HHS, HRSA, and federal legal and ethical requirements.

Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Tax Manager (Remote in DFW)

Remote

Project Manager (prjt status reporting; state or fed govt environ/criminal justice processing; SDLC)

Remote

Sales Director (Connected Living & Digital Commerce)

Remote

Pharmacy Call Center Rep (Remote)

Remote

Solar Project Support Coordinator

Remote

Treasury Management Implementation Specialist

Remote

Oportunidad independiente para organizar viajes de aventura

Remote

Senior Rendering and Graphic Designer (Remote Freelancer)

Remote

Senior Designer, Web + Brand (Contract )

Remote

Direct Support Professional - PRN

Remote
← Back