Exploitation Engineer Lead IV

COMPANY OVERVIEW

Founded in 2007 in Huntsville, AL, MartinFed provides the U.S. government with customer-focused, performance-based solutions using technology and an empowered workforce as an engine to drive its customers' missions. Our goal is to attract the best and brightest within their field.

We invest in our people because they are our greatest asset. They cultivate our purpose, embody and reflect our core values, and define our culture. MartinFed's core values that set us apart are the following:

• Be Driven - We are fueled by the hunger to learn more and do more.
• Be Curious - We engage in continuous improvement - never accepting the status quo.
• Be Humble - We seek honest feedback to strengthen our relationships.
• Pursue Excellence - We strive to achieve extraordinary results and do not settle for mediocrity.

Strive for excellence and consider joining our growing team today!

Please note: this position is contingent upon contract award.

JOB OVERVIEW:

MartinFed is seeking an experienced Exploitation Engineer Lead IV to lead advanced vulnerability assessment, penetration testing, and security validation efforts supporting enterprise and mission-critical environments. This senior-level position requires a highly skilled cybersecurity professional capable of identifying, analyzing, and mitigating vulnerabilities across networks, systems, applications, databases, and cloud environments.

The successful candidate will serve as a technical lead responsible for planning and executing comprehensive security assessments, developing remediation strategies, mentoring junior engineers, and supporting compliance with federal cybersecurity standards. The Exploitation Engineer Lead IV will leverage industry-leading security tools and methodologies to evaluate organizational security posture and enhance defensive capabilities.

• Lead vulnerability assessment and penetration testing activities against enterprise infrastructure, applications, databases, and cloud environments.
• Conduct advanced security testing to identify exploitable vulnerabilities and security weaknesses.
• Develop, coordinate, and execute vulnerability management strategies across multiple environments.
• Analyze assessment results and provide risk-based recommendations for remediation and mitigation.
• Perform web application, network, host, database, and wireless security assessments.
• Lead red team, adversary emulation, and exploitation activities when required.
• Validate remediation efforts through retesting and verification assessments.
• Collaborate with system owners, engineers, and security teams to resolve identified vulnerabilities.
• Develop detailed technical reports, executive summaries, and risk assessments.
• Provide technical leadership and mentoring to cybersecurity assessment personnel.
• Support continuous monitoring and compliance efforts in accordance with federal cybersecurity requirements.
• Research emerging threats, attack techniques, and security vulnerabilities to improve organizational defenses.
• Assist in developing security standards, testing methodologies, and assessment procedures.

REQUIRED QUALIFICATIONS:

• United States Citizen with a DoD Secret clearance.
• Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or a related technical field.
• Minimum 8 years of hands-on experience in vulnerability assessment, penetration testing, or cybersecurity engineering.
• Active certifications:
  • CompTIA PenTest CE
  • CompTIA CASP CE
  • CompTIA CySA CE
  • CompTIA Security CE
• Demonstrated experience performing enterprise vulnerability assessments and security testing.
• Experience utilizing the following security tools and platforms:
  • Synack
  • TCNA/TCSE
  • Tanium, BigFix, and/or Tenable Security Center
  • IBM Guardium
  • Burp Suite Enterprise
  • Acunetix 360
  • Trustwave
• Strong understanding of vulnerability management lifecycle processes.
• Experience conducting network, application, database, and system security assessments.
• Knowledge of common attack vectors, exploitation techniques, and threat actor methodologies.
• Experience interpreting and applying security standards and frameworks including:
  • NIST 800 Series
  • Risk Management Framework (RMF)
  • FISMA
  • STIGs
  • OWASP Top 10

PHYSICAL REQUIREMENTS & ENVIRONMENTAL CONDITIONS

• Inside office environment.
• Working on a computer for long periods of time.
• May involve long period of sitting at a desk.
• The work environment is fast-paced and sometimes involves extreme deadline pressures.

OTHER DUTIES

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

MartinFed is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, religious creed, gender, sexual orientation, gender identity, gender expression, transgender, pregnancy, marital status, national origin, ancestry, citizenship status, age, disability, protected Veteran Status, genetics or any other characteristics protected by applicable federal, state or local law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. In addition to federal law requirements, MartinFed complies with all applicable state and local laws governing nondiscrimination in all locations.

If you are a qualified individual with a disability or disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access MartinFed's current openings as a result of your disability. You can request reasonable accommodations by calling 855.212.1810. Thank you for your interest in MartinFed.

Please Note: All positions at MartinFed are contingent upon passing a background check prior to a start date and are subject to random drug screenings during the employment period. In addition, MartinFed is an E-Verify employer.