Penetration Tester

Role:Penetration Tester-GovRAMP/FedRAMP Focus

Location:Fully Remote (Anywhere in the United States)

Salary Range:$90,000 – $120,000

We are working on behalf of a leading U.S.-based cybersecurity consultancy to find aRAMP-experienced Penetration Testerfor a fully remote, full-time role. This is a strategic position for a professional who thrives in regulated environments and is looking to lead meaningful work in support of federal cybersecurity programs.

Key Responsibilities:

• Plan, lead, and execute

  GovRAMP and/or FedRAMP penetration testing assessments, ensuring adherence to regulatory frameworks and client-specific requirements.

• Develop tailored testing methodologies and threat models based on system architecture and data sensitivity.

• Produce comprehensive, high-quality technical and executive-level reports that clearly articulate findings, risks, and remediation strategies.

• Coordinate with client security and compliance teams to validate remediation efforts and assist with mitigation planning.

• Oversee multiple assessment projects simultaneously, managing timelines, deliverables, and client expectations.

• Maintain up-to-date knowledge of the RAMP landscape, including evolving federal compliance standards and assessment best practices.

• Cultivate and manage long-term client relationships, acting as a trusted technical advisor.

• Mentor and support junior penetration testers, contributing to training, skill development, and overall team capability.

Required Qualifications:

• 5+ years of experience in penetration testing, with a

  minimum of 2 years specifically focused on GovRAMP/FedRAMP assessments.

• At least one of the following certifications:

• OSCP / OSCP+

• CompTIA PenTest+

• CASP+

  or other relevant industry-recognized certifications.

• Experience delivering at least

  25 successful penetration testing engagements, preferably in professional services or consulting settings.

• Strong written and verbal communication skills, particularly in translating complex findings for technical and non-technical stakeholders.

• Ability to work independently in a remote environment while managing priorities across multiple concurrent projects.

Interviews are scheduled to take place next week so if you’re interested in hearing more about this and other roles, then please get in touch asap to discuss further at 480-818-6995 or send your Resume to k.adams@locke-mccloud.com

Locke & McCloud is the US's leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the US’s most exciting cyber security consultancies & end-users. Our focus on the information security space allows us to be able to help you find the most exciting opportunities in the cyber security market. If you are looking for your next cybersecurity or information security role, please get in touch!