HVA Assessment Operator / Penetration Tester (AES Certified)
HVA Assessment Operator / Penetration Tester (AES Certified)
At Sprightbulb, we guide organizations through meaningful transformation with a focus on product thinking, agile principles, and business alignment. Our non-prescriptive, agile-first approach embraces uncertainty, shortens feedback loops, and delivers real value.
We’re a fast-growing, collaborative team of practitioners and change agents who challenge conventional thinking and help clients unlock what’s possible. As a Sprightbulb consultant, you’ll work on high-impact initiatives across industries and help shape how work gets done.
About the Role
We’re seeking an AES-Certified HVA Assessment Operator / Penetration Tester to join a team launching a comprehensive High-Value Asset (HVA) program for a federal agency. This role requires a tactical and flexible operator who can shift seamlessly between execution and enablement. Onsite work in DC is expected.
Key Responsibilities
- Perform vulnerability and penetration testing NT1 HVAs under defined rules of engagement
- Identify, document, and analyze technical vulnerabilities
- Assess impacts and contribute to full lifecycle risk analysis
- Produce comprehensive appendices with exploit results, findings, and risk classifications
- Collaborate closely with the Technical Lead on assessment reporting and deliverables
- AES certification under CISA's HVA Assessment and Evaluation (AES) Program
- 5+ years of experience in penetration testing, ethical hacking, or red team engagements
- Proficiency with tools such as Burp Suite, Metasploit, Nessus, Nmap, and others
- Strong understanding of FISMA, HVA, and DHS cybersecurity guidelines
- Must be able to obtain a Public Trust or higher clearance
- Experience supporting federal agencies (DHS, DOT, IRS, DoD)
- Certifications such as Security+, CISSP, or PMP
- Familiarity with ISO standards and working in Agile environments