Cyber Security Penetration Tester (Active Polygraph Required)

Clearance Level
Top Secret SCI + Polygraph
Cyber Security
McLean, Virginia

REQ#: RQ134240

Travel Required: Less than 10%
Public Trust: None
Requisition Type: Regular

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on a SCA Pen Tester joining our team to support ODNI Customer activities at McLean, VA.

At GDIT, people are our differentiator. As a SCA Pen Tester supporting the ODNI Customer, you will be trusted to work on innovative solutions that will transform and enhance the Enterprise IT environment to meet the growing global mission. In this role, a typical day will include:

  • Conduct internal penetration testing and vulnerability assessment of servers, web applications, web services, and databases
  • Manually exploit and compromise operating systems, web applications, and databases
  • Examine results of web/OS scanners, scans and static source code analysis
  • Identify vulnerabilities, misconfigurations, and compliance issues
  • Write final reports, defend all findings to include the risk or vulnerability, mitigation strategies, and references
  • Ability to meet and coordinate with various audiences to include developers, system administrators, project managers, and senior government stakeholders
  • Provide security recommendations for developers, system administrators, project managers, and senior government stakeholders
  • Report vulnerabilities identified during security assessments
  • Write penetration testing Rules of Engagements (RoE), Test Plans, and Standard Operating Procedures (SOP)
  • Conduct security reviews, technical research, and provided reporting to increase security defense mechanisms
  • Experience with NIST 800-53 and Risk Management Framework


  • Current TS/SCI clearance with polygraph
  • BA/BS degree or equivalent work experience
  • 8+ years of relevant work experience
  • Desired Skills: Board certified in relevant security programs (e.g., CISSP, CISM, CISA, CEH, NCSF, CAP); Professional certifications in cloud technologies – Amazon and Microsoft Azure; Understanding of FISMA


  • Certifications: CEH – Certified Ethical Hacker Certification, CPT – Certified Penetration Tester
  • Strong writing skills
  • Experience with AWS Cloud Security


  • 401K with company match
  • Comprehensive health and wellness packages
  • Internal mobility team dedicated to helping you own your career
  • Collaborative teams of highly motivated critical thinkers and innovators
  • Ability to make a real impact on the world around you

Not sure this job’s the one for you? Check out our other openings at

Do you have a friend or colleague this posting describes? Let them know about the opportunity by clicking “Share.” 


About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.