Penetration Tester / Cyber Security Specialist

Position Type: Full-Time / Contract
Location: Las Vegas, NV (Hybrid / On-Site as Required)
Reports To: Director of Adversarial Threat Simulation
Clearance: Preferred but not required (ability to obtain is advantageous)

Position Overview

Blackthorn Tactical is seeking a highly skilled Penetration Tester / Cyber Security Specialist to join our adversarial operations team. This role is responsible for conducting offensive security assessments, identifying vulnerabilities across digital and hybrid environments, and supporting full-spectrum red team engagements that simulate real-world adversary behavior.

This is not a checklist penetration testing role. Candidates must think like an attacker, understand complex systems, and operate with precision, professionalism, and discretion. You will work alongside experts in cyber, physical, and human-layer threat simulation to expose organizational weaknesses and strengthen client resilience.

Key Responsibilities

Offensive Security Operations

  • Conduct controlled penetration tests against networks, applications, cloud environments, and wireless infrastructures.

  • Perform reconnaissance, threat modeling, attack-path development, and exploit execution (within authorized scope).

  • Support multi-vector red team operations (cyber–physical–social engineering).

  • Evaluate Active Directory, identity systems, authentication pathways, and privilege escalation opportunities.

  • Execute adversary emulation based on known threat actors, TTPs, and intelligence-driven frameworks (MITRE ATT&CK, NIST, etc.).

Assessment & Reporting

  • Document vulnerabilities, exploitation steps, impact assessments, and recommended mitigations.

  • Generate executive and technical reports tailored to varied audiences.

  • Brief clients on findings with clarity, tact, and confidence.

Collaboration & Cross-Domain Support

  • Support physical red team operators with cyber integration.

  • Assist in building custom tools, scripts, and payloads for engagements.

  • Participate in security workshops, tabletop exercises, and training programs.

Security Program Development

  • Contribute to the maturation of cybersecurity governance, detection & response workflows, and defensive playbooks.

  • Recommend industry-aligned improvements in architecture, control configurations, and organizational security posture.

Required Skills & Competencies

Technical Expertise

  • Strong understanding of networking (TCP/IP, DNS, VPNs, routing/switching).

  • Proficiency with offensive tooling frameworks (e.g., Burp Suite, Cobalt Strike, Metasploit, Nmap, BloodHound, Nessus).

  • Knowledge of OWASP Top 10, CIS Benchmarks, cloud security (AWS/Azure), and secure coding principles.

  • Experience with scripting languages: Python, Bash, PowerShell, JavaScript, or similar.

  • Understanding of malware behavior, payload development, and evasion techniques (high-level).

Professional Competencies

  • Ability to operate discreetly during sensitive client engagements.

  • Strong analytical writing and communication skills.

  • High attention to detail, methodical thinking, and calm under pressure.

  • Familiarity with legal frameworks surrounding offensive security and Rules of Engagement.

Soft Skills

  • INTJ-style strategic thinking welcomed but not required.

  • Self-driven, adaptable, and capable of working independently or as part of a cross-functional adversarial team.

  • Clear-headed decision-making during time-sensitive operations.

Preferred Experience

  • 3–7 years in penetration testing, red teaming, cyber operations, or vulnerability research.

  • Experience with enterprise networks, Active Directory, SIEM technologies, EDR solutions, and cloud environments.

  • Background in law enforcement, military cyber units, or high-stakes offensive/defensive security roles is highly valued.

Highly Beneficial Certifications (Industry-Recognized)

These certifications strengthen Blackthorn Tactical’s service offerings and will directly support our business strategy.

Offensive Security Certifications

  • OSCP – Offensive Security Certified Professional

  • OSCE / OSEE / OSEP – Elite-level certification series

  • OSWE – Offensive Security Web Expert

  • OSEP – Offensive Security Exploitation Professional

GIAC / SANS Certifications

  • GPEN – Penetration Tester

  • GWAPT – Web Application Penetration Tester

  • GXP / EX-PEN – Exploit Development

  • GCIH – Cyber Incident Handler

  • GCTI – Cyber Threat Intelligence

  • GRID – Industrial Control System Defense (for critical infrastructure clients)

Industry & Cloud Certifications

  • CEH – Certified Ethical Hacker (baseline, but acceptable)

  • CPT / LPT – EC-Council Pen Testing Certifications

  • CISSP – For senior governance and advisory roles

  • CISM – For consulting alignment

  • CompTIA CySA+ / PenTest+ / CASP+

  • AWS Security Specialty / Azure Security Engineer

Physical & Hybrid Security Certifications (Advantageous)

  • PSP – ASIS Physical Security Professional

  • CPP – Certified Protection Professional

  • Tactical / law-enforcement training certifications relevant to red team crossover work

Additional Requirements

  • Must be able to pass a background check.

  • Must be able to travel for client engagements, sometimes on short notice.

  • Must adhere to strict confidentiality, NDAs, and Rules of Engagement protocols.

  • Ethical integrity and absolute respect for legal boundaries are non-negotiable.

Why Join Blackthorn Tactical

This is an opportunity to work inside a boutique adversarial firm where creativity, precision, and high performance aren’t just valued — they’re required. You will operate in an environment where your skills sharpen quickly, your impact is immediate, and the work is never ordinary.

If you want to operate at the intersection of offense, strategy, and real-world adversary replication, this is where you belong.

Submit Resume