Senior Security Test & Evaluation Analyst

Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team. Job Title: Senior Security Test & Evaluation Analyst Locations: Washington, DC Responsibilities: Implement comprehensive security testing to include all phases of the ethical hacking process (e.g., reconnaissance, foot printing, scanning, exploitation, and post-exploitation). Conduct security assessment activities (e.g., static or dynamic code review, system architecture diagram review, control evaluation). Analyze data, identify vulnerabilities, and develop corresponding mitigation strategies. Conduct scenario-based and functional security testing during authenticated and unauthenticated testing. Education: At least five years of experience performing the functions associated with this labor category. Experience: Experience implementing comprehensive security tests that include all phases of the ethical hacking process (e.g., reconnaissance, foot printing, scanning, exploitation, and post-exploitation) and other security assessment activities (e.g., static or dynamic code review, system architecture diagram review, control evaluation) to demonstrate or emulate an adversary's ability to gain unauthorized access to sensitive data and systems that reside in either local (on-premises) or cloud computing solutions. Experience analyzing data, identifying vulnerabilities, and developing corresponding mitigation strategies. Experience conducting scenario-based and functional security testing during authenticated and unauthenticated testing. Deep understanding of network protocols, configurations, security technologies, and security practices, including network security, operating system hardening, database security, and web application security for both local (on-premises) and cloud computing solutions. Deep understanding of common vulnerabilities and attack vectors, including experience identifying and exploiting vulnerabilities in operating systems (e.g., Windows, Linux, and MacOS), network devices (e.g., firewalls, routers, and switches) and web applications and application program interfaces (e.g., SQL injection, cross-site scripting and cross-site request forgery). Certifications: CISSP Offensive Security Certified Professional (OSCP) GIAC Penetration Tester (GPEN) Equivalent Ampcus is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veterans or individuals with disabilities.

Created: 2026-03-10