Cybersecurity Pen Tester Engineer - Senior

Position Summary

ECS is seeking a Cybersecurity Pen Tester Engineer - Senior to support the Army National Guard (ARNG) Enterprise Network Operations and Cybersecurity Support (ENOCS) program. In this role, you will support Task 3 — Cybersecurity Operations Support by leading penetration testing and adversarial assessments of networks, systems, applications, and enclaves across the ARNG enterprise. You will develop test plans, rules of engagement, and exploitation methodologies; execute manual and automated testing; validate remediation through retesting; and produce technical reporting that informs risk decisions, mitigation planning, and overall cybersecurity posture. This position works closely with ENOCS cybersecurity operations, engineering, compliance, incident response, and RMF personnel to strengthen Defensive Cyberspace Operations – Internal Defensive Measures (DCO-IDM) across the DoDIN-Army-NG area of responsibility.

This role directly supports a mission environment that delivers DoDIN services and cyber defense for more than 120,000 users and approximately 141,000 endpoints across about 2,800 sites in 54 states and territories. The Cybersecurity Pen Tester Engineer - Senior contributes to protection of both classified and unclassified network environments that enable ARNG Title 10 and Title 32 missions, mobilization readiness, domestic emergency response, and classified SIPRNet operations. The position operates within a technical ecosystem that includes coordination with the NETCOM Global Cyber Center and DISA DCDC, and interfaces with enterprise cyber operations built around USIEM, EDR, IDS/IPS, eMASS, ACAS, STIG-aligned compliance activities, and DCO-focused monitoring and response processes.

Please Note: This position is contingent upon contract award.

Responsibilities

• Lead penetration testing and adversarial assessments of ARNG networks, systems, applications, and enclaves to evaluate enterprise security posture and identify exploitable weaknesses.
• Develop detailed test plans, rules of engagement, and exploitation methodologies aligned to DoD and ARNG cybersecurity policy, operational constraints, and RMF requirements.
• Execute advanced manual and automated exploitation activities against classified and unclassified environments, documenting attack paths, technical impacts, and risk implications.
• Validate remediation effectiveness through structured retesting and provide clear technical feedback to system owners, engineers, and cybersecurity operations personnel.
• Produce comprehensive technical reports and executive summaries that prioritize findings by risk, clearly describe vulnerabilities, and recommend practical mitigation strategies.
• Coordinate assessment activities with Task 3 cybersecurity operations teams to support DCO-IDM objectives across the DoDIN-Army-NG area of responsibility.
• Support cybersecurity reporting and risk decisions by aligning assessment results with eMASS documentation, POA&M development, and ongoing RMF compliance activities.
• Collaborate with SOC and monitoring teams that leverage USIEM, EDR, and IDS/IPS analytics to inform threat-informed testing, identify defensive gaps, and strengthen enterprise detections.
• Engage with stakeholders operating in coordination with the NETCOM Global Cyber Center and DISA DCDC to ensure testing activities support 24/7/365 cybersecurity engineering, operations, and vulnerability management objectives.