We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Torch Technologies, Inc. jobs

Cybersecurity Senior (Pen Test) GBO.005

Torch Technologies, Inc.
life insurance, paid time off, 401(k), relocation assistance
Sep 24, 2025

Torch Technologies

Thank you for your interest in employment with Torch Technologies. We are a 100% employee-owned, Certified Great Place To Work and named Best Places to Work in Huntsville/Madison County, headquartered in Huntsville, AL with over 1200 employee-owners. Our team provides superior research, development, and engineering services to the Federal Government and Department of Defense. As one of the nation's top 100 defense companies, the services we provide directly support the men and women who serve our country. Our corporate mission sums up the pride our employee-owners take in the work we do: "Lighting the Pathway of Freedom". And, as a Certified Evergreen ESOP, we have made the commitment to grow and sustain our company for the next 100 years! Come grow with us!

Torch Technologies is seeking a Cybersecurity Senior (Pen Test) within the Business Enterprise Systems Programming Innovation (BESPIN) at Gunter Maxwell AFB, AL. The mission of BESPIN is to use research, design, and technology to help organizations create exceptional experiences and enduring solutions for airmen. We envision BESPIN as an organization that delivers delightful and secure services to all airmen in today's digital age. BESPIN will drive the digital transformation of the Business Enterprise Systems (BES) Directorate in Montgomery, Alabama.

As aCybersecurity, Senior (Pen Test) your duties will include the following, but are not limited to:

  • Support technical assessments of IT systems to include cloud-based and cloud-native applications, web applications, web/application servers, access control, and databases (SQL and NoSQL).

  • Conduct automated testing of web applications and APIs for susceptibility to common and emergent vulnerabilities including OWASP Top 10 and other security flaws using commercial and open source tools

  • Conduct automated testing of mobile-native applications for susceptibility to common and emergent security vulnerabilities using commercial and open source tools

  • Conduct automated vulnerability scanning against supporting infrastructure components using commercial and open source scanning tools.

  • Conduct automated credentialed vulnerability scanning against databases using commercial / open source scanning tools.

  • Conduct manual testing of infrastructure and web applications to identify, test and validate security vulnerabilities.

  • Conduct code review and analysis to assess the security posture using static code analysis tools such as Fortify, Checkmarx, Coverity. Perform pre-assessment research and preparation including reconnaissance, documentation and configuration review, and customer interviews.

  • Conduct reviews of system configurations for identification of security weaknesses or misconfigurations and assist in defining and updating threat models.

  • Assess compliance posture against regulatory requirements such as NIST SP 800-53.

  • Analyze security findings, including risk analysis and root cause analysis.

  • Produce Security Test Report (formal or agile formats as needed) to document security testing, validated vulnerabilities, identified risks, and recommended mitigation/remediation CoAs for consideration.

  • Conduct post-assessment outbriefs and collaboration with development teams, providing guidance and assistance to security and development teams in sound risk mitigation strategies, and review mitigations to validate proper implementation and mitigation.

Job Requirements

  • U.S. Citizenship

  • 3+ years of penetration testing and vulnerability analysis, mitigations and remediations.

  • 5 years experience with software development, design, configure and test IT applications. Experience with cloud DevOps in an agile SDLC is STRONGLY PREFERRED.

  • Understanding of industry-standard security vulnerability frameworks such as OWASP. Top 10 and OWASP Mobile Top 10, and OWASP Mobile Security Testing Guide

  • Understanding of web and mobile (iOS, Android) security models and penetration testing

  • Experience with the NIST Risk Management Framework, NIST 800-53, and DISA

  • Experience w/testing/assessment of container/cluster management and deployment tools such as Docker, ECS and Kubernetes

  • Experience with container security tools such as Trivy, Anchore, Clair, Dockle

  • Familiarity with CI/CD pipelines, and how these can be abused

Certification Requirements:

The Pen Tester is required to hold and maintain a personnel certification associated with the DCWF ISSM work role (541) at an advanced (senior) proficiency level as outlined in DoDI 8510.01, AFMAN 17-1305 and AFI 17-101 for assigned systems/applications.

CISM, CISA, CISSO, CPTE, CYSA+, CFR, GCIH, GCSA, GPEN, GSNA

Schedule:(M-F; 8-5)

Work Location:Gunter Maxwell, AL

Travel:<10%

Relocation Assistance Available:No

Position Contingent Upon Award of Contract:No

#LI-EW1

Benefits:

Torch Technologies is proud to offer a stable and professional work environment, a competitive salary, and an excellent, comprehensive benefit package including: ESOP participation, 401(k) match and safe-harbor contribution, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, Health Saving Accounts and Health Reimbursement Accounts, EAP, education assistance, paid time off, and holidays.

Applying to Torch Technologies:

Only those candidates invited for an interview will be contacted. Employment at Torch Technologies is contingent upon the successful completion of a comprehensive background check.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, citizenship, ancestry, marital status, protected veteran status, disability status or any other status protected by federal, state, or local law. Torch Technologies, Inc. participates in E-Verify.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access Careers Link as a result of your disability. You can request reasonable accommodations by sending an email to HR@torchtechnologies.com. Thank you for your interest in Torch Technologies.

Applied = 0
MORE JOBS LIKE THIS

(web-759df7d4f5-7gbf2)