Penetration Testing Lead


Company Description

MindPoint Group has been focused on Cybersecurity consulting since its inception. We are the trusted cybersecurity advisors to key government and commercial decision-makers.

MindPoint Group supports security operations for the most security-conscious organizations in the world, and we design and implement innovative security solutions to defend against today’s risks, and tomorrow’s potential attacks.

We believe that helping organizations operate from the best security posture possible requires automation. We believe that empowering our employees to excel and providing them with the means to do so enables MindPoint Group to consistently exceed our clients’ expectations.

Unlike many IT consultancies, we’re not a body shop. Our client engagements are challenging and growth-oriented. Our relationship with you is for the long run because in this business, your success is our success.

That’s why we treat investments in employees as investments in the company itself, which is why we offer fantastic benefits (healthcare, generous PTO, paid maternity and paternity leave, and tuition reimbursement to name a few).

But you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you.

We are an established, profitable, and growing company that promises you the following:

  • A diverse organization.
  • A safe workplace with zero tolerance for discrimination and harassment of any kind.
  • A balanced work life. Seriously.
  • A flexible schedule.
  • A leadership team that is focused on your professional growth and development.

Job Description

MindPoint Group, LLC is seeking a Penetration Testing Lead to support a team of professionals conducting penetration testing and security assessments in accordance with Federal laws, OMB/NIST and FedRAMP guidance and standards, and client FISMA policies, standards and procedures. The following services will be provided by the Penetration Testing Lead:

  • Performs penetration testing of the ATO NAS security posture to provide detailed analysis and identification of application, system, and network vulnerabilities; gaps in IT security guidance; and assessment of patching/mitigation methodologies.
  • Acts as an ethical white hat attacker (red teamer) to simulate cyberattacks, and/or as defensive cybersecurity personnel (blue teamer) to harden against simulated attacks.
  • Develops and prepares penetration testing Rules of Engagement, test plans, and reports.
  • Provides recommended remediation actions to lower overall risk exposure, as required.
  • Provides technical expertise on penetration testing tools and simulation environment.

Functional Responsibilities

The Penetration Testing Lead may perform any or all of the following:

  • Conducts vulnerability assessments
  • Carries out penetration tests
  • Performs social engineering tests
  • Analyzes technical security weaknesses
  • Performs risk analyses and develops exploits
  • Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding and encryption.
  • Develops tools, techniques, training and countermeasures for computer and network vulnerabilities, data hiding and encryption.


  • Master’s Degree in Cyber Security, Computer Science, Information Technology, Engineering, Mathematics, or Physics
  • A minimum of 2 of the Red Teaming certifications or 2 of the Blue Team Certifications
  • 10 years’ experience related to the work/responsibilities outlined in the Position Description

Red Team Certs

  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Wireless Professional (OSWP)
  • Offensive Security Web Expert (OSWE)
  • Certified Ethical Hacker (CEH)
  • EC-Council Certified Security Analyst (ECSA)
  • Certified Ethical Hacker (CEH) Practical
  • EC-Council Certified Security Analyst (ECSA) Practical
  • Licensed Penetration Tester (LPT) Master
  • Certified Incident Handler (GCIH)
  • Penetration Tester (GPEN)
  • Web Application Penetration Tester (GWAPT)
  • Exploit Researcher and Advanced Penetration Tester (GXPN)
  • Assessing and Auditing Wireless Networks (GAWN)

Blue Team Certs

  • Certified Network Defender (CND)
  • Certified Network Defense Architect (CNDA)
  • Certified Incident Handler (GCIH)
  • Certified Intrusion Analyst (GCIA)
  • Defending Advanced Threats (GDAT)
  • Defensible Security Architecture (GDSA)
  • Certified Enterprise Defender (GCED)

Additional Information

  • All your information will be kept confidential according to EEO guidelines
  • Equal Opportunity Employer Veterans/Disabled

To apply for this job please visit