Penetration Testing - SME

Location: Remote / Hybrid / Travel as Required

Security Requirement:
Must be eligible to obtain and maintain an HHS Tier 4 High Risk Public Trust.

Position Summary

EnDyna is seeking a highly experienced Penetration Testing Subject Matter Expert (SME) to provide technical leadership supporting the HHS Office of Inspector General Cyber Assessment Team.

The SME will lead complex penetration testing engagements, provide technical consulting to Federal auditors, develop testing methodologies, mentor penetration testers, deliver cybersecurity training, and serve as a trusted advisor to Government leadership.

Primary Responsibilities

Technical Leadership

  • Lead penetration testing engagements
  • Develop attack strategies
  • Review Rules of Engagement
  • Provide technical oversight
  • Review testing methodologies
  • Ensure technical quality
  • Mentor penetration testers
  • Validate technical findings

Advanced Penetration Testing

Lead and perform:

  • Red Team operations
  • Advanced exploitation
  • Cloud security testing
  • AI security testing
  • Active Directory attacks
  • Wireless testing
  • Mobile security
  • Web application assessments
  • Social engineering assessments
  • Container security testing
  • Internal network assessments
  • External network assessments

Technical Consulting

Serve as cybersecurity advisor to OIG auditors by:

  • Providing technical guidance
  • Supporting complex audits
  • Evaluating security architectures
  • Reviewing vulnerability data
  • Advising on remediation strategies
  • Supporting Cyber Range activities

Reporting

Lead development of:

  • Executive briefings
  • OARS findings
  • Penetration test reports
  • Conclusions memoranda
  • Attack confirmation lists
  • Risk analyses
  • Technical recommendations

Training

Develop and deliver:

  • 4–5 day penetration testing courses
  • Hands-on laboratories
  • Live exploit demonstrations
  • Capstone exercises
  • Instructor coaching
  • Training materials
  • Student guides
  • Presentation slides

Technical Expertise

Demonstrated expertise in:

  • Offensive Security
  • Threat emulation
  • Adversary tactics
  • Cloud security
  • Active Directory
  • Application security
  • Network security
  • Secure development
  • Risk management
  • Federal cybersecurity

Minimum Qualifications

  • Bachelor's degree
  • Master's preferred
  • 10+ years of penetration testing experience
  • 5+ years leading technical teams
  • Experience supporting Federal agencies
  • Extensive report writing experience
  • Strong presentation skills

Highly Desired Certifications

One or more advanced certifications:

  • OSCE3
  • OSEP
  • OSEE
  • GXPN
  • GPEN
  • CISSP
  • GREM
  • CRTO
  • CARTP
  • CARTC

Preferred Experience

Experience with:

  • HHS
  • OIG
  • DHS
  • Federal Inspector General organizations
  • NIST SP 800-115
  • Federal auditing
  • Cyber Range environments
  • Offensive security consulting