Penetration Tester
Location: McLean, VA
Company: Revolutional, LLC
Job Description Apply Now
Revolutional delivers advanced technology solutions and mission support to federal agencies across civilian, health, and national security environments. We apply modern capabilities, including AI/ML, cloud, cybersecurity, and IT modernization to solve complex challenges, enable faster and more secure operations, and drive measurable mission outcomes.
We are redefining how federal technology gets built and delivered by operating with a product mindset, prioritizing speed, ownership, and execution over bureaucracy.
Penetration Tester
Location: Remote
Terms: Full-time
Clearance: Ability to obtain and maintain public trust as required
Project Description
This position supports cybersecurity operations and offensive security testing efforts for the Department of Veterans Affairs (VA). The role focuses on conducting time-based penetration testing activities that support the Authority to Operate (ATO) approval process for system owners across enterprise environments.
The environment includes modern web applications, APIs, cloud infrastructure, operating systems, databases, and network devices across both on-premises and cloud-hosted systems.
The core challenge: proactively identifying vulnerabilities and security weaknesses before adversaries can exploit them while supporting mission-critical healthcare and federal systems.
Position Description
As a Penetration Tester at Revolutional, you will proactively identify vulnerabilities across enterprise systems, applications, cloud infrastructure, and networks through structured offensive security assessments. You will support the full penetration testing lifecycle from reconnaissance and exploitation through reporting and remediation guidance.
This role requires cybersecurity professionals who can operate independently, think like an adversary, and deliver actionable security findings that improve the security posture of federal systems. You will contribute beyond task execution by developing testing methodologies, improving offensive security capabilities, and supporting advanced Red Team operations.
Responsibilities:
- Perform time-based penetration testing against web applications, databases, APIs, network devices, operating systems, cloud environments, and infrastructure devices
- Conduct in-depth manual web application testing against modern frameworks and APIs to identify OWASP Top 10 vulnerabilities
- Perform assessments across on-premises systems and cloud infrastructure using advanced tactics, techniques, and procedures (TTPs)
- Utilize industry-standard offensive security tools to conduct automated vulnerability scans and manual security assessments
- Review newly published vulnerabilities and develop impact assessments for customer environments
- Analyze vulnerabilities and determine associated risks based on exploitability and operational impact
- Create clear, concise, and actionable reports to communicate findings, metrics, and remediation recommendations
- Generate automated and manual assessment reports and present findings to customers and stakeholders
- Develop new testing techniques, tools, scripts, and programs to enhance Offensive Security Team capabilities
- Maintain offensive security infrastructure, hardware, and software used for assessments and attack simulations
- Support information gathering, threat modeling, vulnerability analysis, exploitation, post-exploitation, and reporting activities
- Contribute to cybersecurity best practices, operational procedures, and reporting methodologies
- Support assessments that may require work outside standard business hours
Technical Environment
Operating Systems
- Kali Linux Suite
- Nessus (Tenable)
- Burp Suite Professional
- NMAP
- Windows
- Unix
- Linux
Security Practices
- Penetration Testing
- Vulnerability Analysis
- Threat Modeling
- Post Exploitation
- Red Team Operations
- Security Reporting
Scripting & Automation
- Bash
- PowerShell
- Security automation and scripting tools
Note: This role may include exposure to advanced offensive security operations including Red Teaming, malware analysis, EDR evasion techniques, and cloud security assessments.
What You Bring (Requirements):
- Baseline Requirements:
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (5 years of additional relevant experience may substitute for education)
- 1-4 years of experience in IT functions such as network administration, systems engineering, or cybersecurity
- 2-4 years of experience supporting offensive cybersecurity or penetration testing activities
- Ability to obtain and maintain required federal clearance/public trust as needed
- Technical Capabilities:
- Experience supporting Windows, Unix, and Linux operating systems
- Experience conducting penetration testing using industry-standard offensive security tools
- Experience identifying and validating web application vulnerabilities and security weaknesses
- Experience with vulnerability scanning and manual security assessments
- Ability to perform scripting and automation using Bash, PowerShell, or similar languages
- Understanding of penetration testing methodologies, threat modeling, exploitation, and post-exploitation techniques
- Ability to communicate technical findings clearly through written reports and customer briefings
- Core Strengths:
- Strong analytical and problem-solving skills
- Ability to think critically and operate with an adversarial mindset
- Strong ownership mindset and accountability for outcomes
- Effective written and verbal communication skills
- Ability to operate in fast-paced and mission-focused environments
- Strong collaboration and teamwork skills
Nice to Have (Differentiators):
- GIAC Web Application Penetration Tester (GWAPT) certification
- Offensive Security Certified Professional (OSCP) certification
- Certified Red Team Operator (CRTO) certification
- Experience utilizing AI-assisted tools, automation frameworks, or scripted solutions to enhance penetration testing and vulnerability analysis
- Experience with advanced Red Team operations including reverse engineering, malware development, command and control (C2), and EDR evasion techniques
- Experience supporting federal government cybersecurity programs
___________________________________________________________________________________________________________
Here at Revolutional we are pleased to have been repeatedly recognized for our outstanding work culture, the innovative work we do, and the employees on our team who make a difference each day. Some of these recognitions include:
- Recognized as a Top 20 "Best Place to Work in Virginia"
- Recipient of Department of Labor's HireVets Gold Medallion
- Great Place to Work Certification for five years running
- A Virginia Chamber of Commerce Fantastic 50 company
- A Northern Virginia Technology Council Tech 100 company
- Inc. 5000 list of fastest growing companies for eleven years
- Two-time SBA SBIR Tibbett's Award winner
- Virginia Values Veterans (V3) Certification
We recognize that every bit of our success is the result of our teams of hard-working, motivated, and innovative professionals who are proud to call themselves part of the Revolutional family! In addition to competitive compensation, a family-focused culture, and a dynamic, productive work environment, we offer all full-time employees a variety of benefits including, but not limited to
- Traditional and HSA- eligible medical insurance plans
- 100% employer-paid dental and vision insurance options
- 100% employer-sponsored STD, LTD, and life insurance
- 5% 401(k) company matching
- Flexible-schedules and teleworking options
- Paid holidays and PTO Accrual Plans
- Paid Parental Leave
- Professional development and career growth opportunities
- Team and company-wide events, recognition, and appreciation-- and so much more!
Check out our to find out a little more about who we are and if we are the right next step for your career!
Revolutional is an Equal Opportunity Employer providing equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity, sexual orientation, disability, or genetics. Revolutional does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans. To perform the above job successfully, an individual must possess the knowledge, skills, and abilities listed; meet the education and work experience required; and must be able to perform each essential duty and responsibility satisfactorily. Other duties in addition to those listed may be assigned as necessary to meet business needs. Reasonable accommodation will be made to enable an applicant with a disability to successfully apply for and/or perform the essential duties of the job. If you are in need of an accommodation, please contact .