Dhaka Technologies Limited is seeking an experienced Penetration Tester to support a cybersecurity assessment and program implementation effort for a District government oversight organization. This role will perform quarterly external penetration testing of public-facing systems, support vulnerability identification across applications/systems/networks, and produce executive-ready technical reports aligned to NIST 800-53 (Moderate) .
This is a hands-on, mission-critical role operating in a sensitive environment where confidentiality, discipline, and non-disruptive testing are mandatory.
Washington, DC (Onsite required)
Some planning/reporting tasks may be remote, but testing activities are onsite .
Conduct quarterly external penetration tests of public-facing web applications and security boundary.
Perform ethical exploitation to validate vulnerabilities and demonstrate potential impact (without service disruption).
Support selection of systems for deeper penetration testing based on scanning results and client coordination.
Validate exploitation paths and privilege escalation potential (as authorized) to assess lateral movement risk.
Execute network mapping , discovery, and vulnerability scanning across defined scope.
Conduct web application security assessments aligned to OWASP Top 10 (e.g., XSS, SQLi, auth/session issues, misconfigurations).
Support database security assessment activities (configuration baseline checks, patch validation, limited user rights review, default credential checks—when authorized).
Produce high-quality reports with:
Executive summary
Methodology
Vulnerability matrix (severity-ranked)
Verification evidence
Remediation recommendations and prioritized roadmap
Tooling used, logs/screenshots as needed
Deliver quarterly testing reports and support any retesting/validation requested by the client.
Coordinate closely with the Project Manager, GRC team, and Security Architect to ensure findings map to NIST 800-53 control objectives .
Participate in weekly status meetings and maintain clear communication on progress, risks, and constraints.
No Denial-of-Service testing and no actions that disrupt operations.
Do not delete or alter live data.
Follow strict security handling rules for sensitive information; use only approved methods for communication and data transfer.
Report any suspected security incidents or impacts immediately per client procedures.
Must be able to sign a Non-Disclosure Agreement (NDA) and comply with all client security policies.
Demonstrated experience performing penetration testing and vulnerability assessments, ideally in government or regulated environments .
Strong web application testing experience (manual + automated) and familiarity with OWASP methodologies.
Working knowledge of network protocols, network design, and common enterprise security controls.
Ability to write clear, structured, professional security reports for both technical and executive audiences.
Strong judgment and professionalism in sensitive environments (confidential data, oversight context).
OSCP , GWAPT , CEH , CREST , GIAC (e.g., GSNA/GWEB), CPT/CEPT
(Equivalent certifications and demonstrable experience will be considered.)
Experience with common testing tool sets (e.g., Burp Suite, Nmap, vulnerability scanners, web testing frameworks)
Familiarity with enterprise environments, firewalls/IPS, endpoint security controls, and secure configuration baselines
Comfort operating within defined ROE and change-controlled environments
Contract / Full-time (based on project needs)
Start date and duration: aligned to project schedule through September 30, 2026 , with possible option-year sustainment.
Please submit the document and email to talent@dhakatech.us with a Subject line Penetration Tester DC.
Resume
Relevant certifications (if available)
Short summary of 2–3 recent penetration testing engagements (scope, environment, your role, outcomes)
3 References
...modeling/analysis with NASTRAN or Altair Optistruct, Hypermesh Experience with aircraft loads analysis, including fatigue MATLAB proficiency or similar Working knowledge of aircraft certification (loads) Knowledge of aerodynamics, flight mechanics and structural...
...and empowered team members who make an impact. The Real Estate and Land Management (RELM) Project Manager is responsible for overseeing and... ...abstract) legal documents (e.g. federal, state, municipal and private records) preferred. Knowledge of pertinent Federal,...
...Medication TechnicianCome Join Us January 15, 2026, 10:00AM-4:00PM We will be hosting a JOB FAIR; there will be on the spot INTERVIEWS and on the spot HIRING! 1 E Selby Lane, Redwood City, Ca 94063Shifts, Time, and Days: ALL SHIFTS 6:00am-2:30PM, 2:00pm-10:30PM, 10:00...
About the Job: Opportunity awaits if you're interested in working for yourself as an independent contractor. Mobile Wellness Solutions is looking for a part-time Mobile Phlebotomist. Job Details: The candidate/phlebotomist is responsible for obtaining vitals, drawing...
...1because you shouldnt have to wait Debt-Free Education earn your degree with no out-of-pocket costs Paid Training to set you up for success Real opportunities... ...as a plasma donor screener and perform phlebotomy to support plasma center operations. How you...