This role focuses on advanced offensive security, penetration testing, and enterprise cybersecurity evaluation within regulated environments.
Position: Senior Systems Security Specialist – Offensive Security
Location: Baltimore, MD. Hybrid.
Role Overview
The position involves leading and executing penetration testing, red team operations, and vulnerability assessments across networks, applications, APIs, and cloud environments. The resource will simulate real-world adversary behavior, identify vulnerabilities, and provide actionable remediation guidance.
Key Responsibilities
Conduct internal/external penetration testing (networks, web apps, APIs, cloud)
Perform red team engagements aligned with MITRE ATT&CK
Execute vulnerability assessments and remediation validation
Deliver detailed penetration testing reports with executive summaries
Perform threat modeling and attack surface analysis
Evaluate application security (auth, access control, input validation)
Conduct source code reviews (Python, Java, C/C++)
Support incident response and root cause analysis
Assess Zero Trust and identity-based security controls
Collaborate with engineering and DevOps teams on remediation
Required Qualifications
8+ years in cybersecurity
5+ years in penetration testing / red team engagements
Strong experience with tools like Metasploit, Burp Suite, Nmap, Nessus
Proficiency in Python, PowerShell, or similar scripting
Deep knowledge of NIST, OWASP, MITRE ATT&CK frameworks
Experience delivering executive-level security reports
Background in government or highly regulated environments
Relevant certification (OSCP, GPEN, CEH, etc.) preferred
Preferred Experience
Advanced red team and adversary emulation experience
Cloud security expertise (AWS/Azure, containers, CI/CD)
Zero Trust and micro-segmentation experience
Federal compliance environments (FedRAMP, FISMA, IRS 1075)