Penetration Tester – IT Security Audit (Short Term/Remote)

Remote

Part Time to Full Time

Experienced

Company Overview:

TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, NIST 800-53, NIST SP 800-171 / CMMC Consulting/Assessment/Compliance, PCI Compliance, SOC 2, GLBA, Zero Trust, Resiliency, Computer Forensics, Software Supply Chain Assurance, Software Testing, Test Automation, Section 508 and WCAG Accessibility Assessment and Remediation, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer.

Position: Part time (as needed, 1099 or Corp. to Corp)

Job Summary:

The ideal candidate will have strong hands-on experience conducting external and internal vulnerability assessments, penetration testing, and compliance-based security evaluations for government or municipal environments. This role requires the ability to perform non-disruptive testing, work within outage windows, and deliver clear, executive-level reporting.

Key Responsibilities

Perform external penetration testing and vulnerability scanning across a /24 public IP space.
Conduct internal penetration testing across a /21 internal network, including multiple VLANs and network segments.
Execute an assumed-breach scenario, such as testing from a compromised workstation via VPN.
Conduct a public Wi-Fi security assessment, identifying wireless vulnerabilities and attack vectors.
Evaluate the City's current security posture against CJIS, CORA, and NIST standards.
Coordinate testing that may involve systems or IP ranges belonging to sister government agencies.
Work within designated planned outage windows to perform active testing without disrupting operations.
Document all findings, including:
- What was tested
- What was not tested
- Identified vulnerabilities and exploitability
- Severity and risk prioritization
- Recommended remediation steps
Prepare a comprehensive final report and participate in review meetings if requested.

Required Qualifications

OSCP or OSCE certification (either meets the requirement).
5+ years of hands-on penetration testing and vulnerability assessment experience.
Proven experience performing both external and internal penetration tests in complex environments.
Strong understanding of:
- Network segmentation
- VPN-based testing
- Active Directory
- Cloud/SaaS environments
- Firewall and IDS/IPS technologies
Experience with government, public sector, or municipal IT environments is highly preferred.
Ability to write clear, professional, and actionable technical reports.

Preferred Skills

Experience with SCADA-adjacent environments (testing is not performed on SCADA, but awareness is valuable).
Familiarity with CJIS security policy requirements.
Experience coordinating with multi-agency or cross-organizational IT teams.
Expertise with common tools such as Kali Linux, Burp Suite, Nmap, Metasploit, Nessus/Tenable, and Wireshark.

Engagement Details

Estimated Start: February 2026
Estimated Duration: 6–8 weeks
Work Location: Fully Remote (VPN access provided)
Clearances: Not required, but government experience is a plus

Benefits

TestPros offers a competitive salary, medical/dental/vision insurance, life insurance, paid time off, paid holidays, 401(k) retirement plan with company match, opportunities for professional growth, cell phone discounts, and much more! All benefits are per TestPros current policies and are subject to change without notice. Benefits are available to full-time employees.

TestPros, Inc. is an Equal Opportunity Employer.

EEO Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, marital status, age, national origin, or protected veteran status.

Apply for this position

Required*

First Name*

Last Name*

Email Address*

Phone*

Address

Resume*

We've received your resume. Click here to update it.

Attach resume or Paste resume

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

What's your citizenship / employment eligibility?*

Do you hold an OSCP or OSCE certification? These are core requirements for our client, and candidates without them cannot be considered.*

Are you currently open to part-time consulting work (1099 or Corp-to-Corp)? If so, what rate are you targeting? We’re looking for competitive pricing and want to be sure we're aligned.*

Do you have the following experience:

5+ years of hands-on penetration testing and vulnerability assessment experience.

Proven experience performing both external and internal penetration tests in complex environments.

Strong understanding of:

Network segmentation

VPN-based testing

Active Directory

Cloud/SaaS environments

Firewall and IDS/IPS technologies*

Do you have experience with government, public sector, or municipal IT environments?*

Are you available for part time wotk Feb 2025 for 2-3 months? (20-30 hours a week)*

The following questions are entirely optional.

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.

Gender

Race/Ethnicity

Invitation for Job Applicants to Self-Identify as a U.S. Veteran

A “disabled veteran” is one of the following:
- a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
- a person who was discharged or released from active duty because of a service-connected disability.
A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran status

I IDENTIFY AS ONE OR MORE OF THE CLASSIFICATIONS OF PROTECTED VETERAN LISTED ABOVE
I AM NOT A PROTECTED VETERAN
I DON’T WISH TO ANSWER

Voluntary Self-Identification of Disability

Voluntary Self-Identification of Disability Form CC-305
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

Alcohol or other substance use disorder (not currently using drugs illegally)
Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
Blind or low vision
Cancer (past or present)
Cardiovascular or heart disease
Celiac disease
Cerebral palsy
Deaf or serious difficulty hearing
Diabetes
Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
Epilepsy or other seizure disorder
Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
Intellectual or developmental disability
Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
Missing limbs or partially missing limbs
Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
Partial or complete paralysis (any cause)
Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
Short stature (dwarfism)
Traumatic brain injury

Please check one of the boxes below:

YES, I HAVE A DISABILITY, OR HAVE HAD ONE IN THE PAST NO, I DO NOT HAVE A DISABILITY AND HAVE NOT HAD ONE IN THE PAST I DO NOT WANT TO ANSWER

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

You must enter your name and date
Name	Date

Human Check*

Submit Application