Penetration Tester (Onsite - Washington, DC) Job at Dhaka Technologies Limited Company, Washington DC

RXJXV0NncUVJMndVeW1MM3lJVzllWFJyQkE9PQ==
  • Dhaka Technologies Limited Company
  • Washington DC

Job Description

Position Summary

Dhaka Technologies Limited is seeking an experienced Penetration Tester to support a cybersecurity assessment and program implementation effort for a District government oversight organization. This role will perform quarterly external penetration testing of public-facing systems, support vulnerability identification across applications/systems/networks, and produce executive-ready technical reports aligned to NIST 800-53 (Moderate) .

This is a hands-on, mission-critical role operating in a sensitive environment where confidentiality, discipline, and non-disruptive testing are mandatory.

Location & Work Mode

  • Washington, DC (Onsite required)

  • Some planning/reporting tasks may be remote, but testing activities are onsite .

Key Responsibilities

Penetration Testing & Validation

  • Conduct quarterly external penetration tests of public-facing web applications and security boundary.

  • Perform ethical exploitation to validate vulnerabilities and demonstrate potential impact (without service disruption).

  • Support selection of systems for deeper penetration testing based on scanning results and client coordination.

  • Validate exploitation paths and privilege escalation potential (as authorized) to assess lateral movement risk.

Vulnerability Assessment & Discovery

  • Execute network mapping , discovery, and vulnerability scanning across defined scope.

  • Conduct web application security assessments aligned to OWASP Top 10 (e.g., XSS, SQLi, auth/session issues, misconfigurations).

  • Support database security assessment activities (configuration baseline checks, patch validation, limited user rights review, default credential checks—when authorized).

Reporting & Documentation

  • Produce high-quality reports with:

    • Executive summary

    • Methodology

    • Vulnerability matrix (severity-ranked)

    • Verification evidence

    • Remediation recommendations and prioritized roadmap

    • Tooling used, logs/screenshots as needed

  • Deliver quarterly testing reports and support any retesting/validation requested by the client.

Collaboration & Program Support

  • Coordinate closely with the Project Manager, GRC team, and Security Architect to ensure findings map to NIST 800-53 control objectives .

  • Participate in weekly status meetings and maintain clear communication on progress, risks, and constraints.

Mandatory Rules of Engagement (Non-Negotiable)

  • No Denial-of-Service testing and no actions that disrupt operations.

  • Do not delete or alter live data.

  • Follow strict security handling rules for sensitive information; use only approved methods for communication and data transfer.

  • Report any suspected security incidents or impacts immediately per client procedures.

  • Must be able to sign a Non-Disclosure Agreement (NDA) and comply with all client security policies.

Required Qualifications

  • Demonstrated experience performing penetration testing and vulnerability assessments, ideally in government or regulated environments .

  • Strong web application testing experience (manual + automated) and familiarity with OWASP methodologies.

  • Working knowledge of network protocols, network design, and common enterprise security controls.

  • Ability to write clear, structured, professional security reports for both technical and executive audiences.

  • Strong judgment and professionalism in sensitive environments (confidential data, oversight context).

Preferred Certifications (One or More)

  • OSCP , GWAPT , CEH , CREST , GIAC (e.g., GSNA/GWEB), CPT/CEPT

    (Equivalent certifications and demonstrable experience will be considered.)

Tools & Technical Skills (Preferred)

  • Experience with common testing tool sets (e.g., Burp Suite, Nmap, vulnerability scanners, web testing frameworks)

  • Familiarity with enterprise environments, firewalls/IPS, endpoint security controls, and secure configuration baselines

  • Comfort operating within defined ROE and change-controlled environments

Employment Type

  • Contract / Full-time (based on project needs)

  • Start date and duration: aligned to project schedule through September 30, 2026 , with possible option-year sustainment.

How to Apply

Please submit the document and email to talent@dhakatech.us with a Subject line Penetration Tester DC. 

  • Resume

  • Relevant certifications (if available)

  • Short summary of 2–3 recent penetration testing engagements (scope, environment, your role, outcomes)

  • 3 References 

Job Tags

Full time, Contract work, Immediate start, Remote work,

Similar Jobs

TLC Healthforce

Travel Registered Nurse PICU Job Job at TLC Healthforce

Step into a pivotal role as a PICU Registered Nurse in Marietta, Georgia, where your clinical mastery and compassionate leadership will help fragile...  ..., unit needs, and your own career goals. A full package of travel and assignment support is provided, including a dedicated 24... 

Gas Field Specialists

Welder's Helper Job at Gas Field Specialists

WELDER'S HELPER JOB DESCRIPTIONGas Field Specialists, Inc. is an independent gas service company with offices located in New York and...  ...loaders, and trucks. Performs for or working directly with other oil field employees and the public. Operates small hand tools and... 

Siemens Healthineers

Travel Ultrasound Technologist - $2,700 per week Job at Siemens Healthineers

 ...Siemens Healthineers is seeking a travel Ultrasound Technologist for a travel job in Mankato, Minnesota. Job Description & Requirements ~ Specialty: Ultrasound Technologist ~ Discipline: Allied Health Professional ~ Duration: 13 weeks ~40 hours per week... 

Contour Airlines

Flight Attendant - Cavern City Airport Job at Contour Airlines

 ...team to achieve ambitious goals. Full-Time Employee Benefits & Compensation...  ...opportunities. We invite you to become part of our family and contribute to our ongoing...  ...Summary of Essential Duties The Flight Attendant is responsible for ensuring the safety,... 

Phillips 66

Maintenance Technician, Permian Area Midstream Job at Phillips 66

 ...materials and equipment in a cost-effective manner. Dispatches field crews engaged in the construction, maintenance, and emergency...  ...more years of experience in Maintenance and Construction in the oil and gas industry ~ Valid driver's license ~ Willing and able...