Penetration Tester - Federal Agency (Remote)

About the Role

We are seeking a skilled Penetration Tester to join our team at Dragonfli Group, a leading cybersecurity and IT consulting firm. This remote Penetration Tester position focuses on evaluating the security of applications, networks, and cloud environments for a large federal agency. You will play a crucial role in identifying vulnerabilities and helping to remediate them, ensuring the security of mission-critical systems.

What You'll Do

• Engagement Scoping & Planning: Collaborate with stakeholders to define objectives and success criteria for safe execution.
• Reconnaissance & Enumeration: Conduct passive and active discovery of attack surfaces and APIs to map trust boundaries.
• Manual Application Testing: Perform thorough testing of web and mobile applications following OWASP Top 10 guidelines.
• Vulnerability Validation: Safely verify findings such as XSS, SQLi, and CSRF to demonstrate real-world impact.
• Network & Infrastructure Testing: Identify weaknesses in exposed services and misconfigurations across hybrid environments.
• Post-Exploitation Analysis: Assess risks while minimizing operational impact.
• Reporting & Remediation: Deliver clear technical reports with prioritized fixes for engineers and leadership.

Requirements

• Strong understanding of web application security and modern attack techniques.
• Proven ability to distinguish false positives from exploitable issues.
• Experience documenting evidence and providing pragmatic remediation guidance.
• Ability to operate within strict rules of engagement and ethical safety constraints.
• U.S. Citizenship or Permanent Residency (Green Card) is required.

Nice to Have

• Previous experience in federal contracting environments.
• Experience with mobile penetration testing (Android/iOS) or cloud environments (AWS/Azure/GCP).
• Familiarity with CI/CD and supply chain security testing.
• Knowledge of modern app architectures like microservices and containers.

What We Offer

• Competitive salary range of $120,000 - $150,000 per year.
• Remote work flexibility, allowing you to work from anywhere in the continental U.S.
• Opportunities for professional development and certifications.
• A collaborative work environment with a focus on innovation.
• Support for visa sponsorship for international candidates.