Red Team Penetration Tester and Operator, Senior

Key Role:

Lead enterprise and system-focused network and penetration assessments to identify security risks within applications, security controls, and network infrastructure. Combine offensive security and consulting expertise to deliver security analysis and provide solutions to Booz Allen's Enterprise Technology Services and Solutions team. Plan and execute end-to-end red and purple team scenarios to highlight gaps impacting the organization's security posture using established rules of engagement. Perform penetration testing, including Internet, intranet, wireless, mobile devices and applications, and web applications. Convey complex technical security concepts to technical and non-technical stakeholders including executives. Provide technical leadership and advise team members to help them grow into tomorrow's offensive security experts. Join a team of security enthusiasts that perform security cutting edge research pertinent to the firm and promote an environment of innovation and knowledge sharing. This position is open to remote delivery anywhere within the U.S., to include the District of Columbia.

Basic Qualifications:

  • 3+ years of experience with penetration testing and red teaming

  • Experience with vulnerability enumeration and exploitation frameworks, including Burp Suite Pro, Metasploit, Cobalt Strike, Armitage, and PowerSploit

  • Knowledge of functionality and capabilities of network defense technologies, including incident response, web application firewalls, SIEM and EDR solutions, and evasion techniques 

  • Ability to write high-quality assessment reports and effectively communicate with clients, teammates, and senior leadership 

  • Ability to mentor junior and mid-level staff by teaching the latest penetration testing techniques 

  • Ability to operate and lead organized security testing engagements with little assistance while demonstrating strong team building skills 

  • Ability to obtain a security clearance

  • Bachelor's degree

Additional Qualifications:

  • Experience with testing cloud-hosted solutions 

  • Experience with red teaming to covert computer network exploitation

  • Knowledge of Active Directory, Azure Active Directory, Azure Directory Federation Services, Azure App Hosting Services, and Amazon Web Services 

  • Knowledge of scripting languages, API functionality, and data access methodologies 

  • Ability to operate in a fast-paced work environment, multi-task, and handle truncated delivery deadlines 

  • Ability to craft custom exploits for proof-of-concept code 

  • Possession of excellent verbal and written communication skills 

  • OSCP Certification 


Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.


At Booz Allen, we celebrate your contributions, provide you with opportunities and choice, and support your total well-being. Our comprehensive benefit offerings include healthcare, retirement plan, insurance programs, commuter program, employee assistance program, paid and unpaid leave programs, education assistance, and childcare benefits.


The salary for this position will be determined based on various factors. The proposed salary range for this position in Colorado is $101,000 to $187,500.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

Not ready to apply? Join our talent community and sign up for job alerts.