HVA Assessment Operator / Penetration Tester (AES Certified)

HVA Assessment Operator / Penetration Tester (AES Certified)

At Sprightbulb, we guide organizations through meaningful transformation with a focus on product thinking, agile principles, and business alignment. Our non-prescriptive, agile-first approach embraces uncertainty, shortens feedback loops, and delivers real value.

We’re a fast-growing, collaborative team of practitioners and change agents who challenge conventional thinking and help clients unlock what’s possible. As a Sprightbulb consultant, you’ll work on high-impact initiatives across industries and help shape how work gets done.

About the Role

We’re seeking an AES-Certified HVA Assessment Operator / Penetration Tester to join a team launching a comprehensive High-Value Asset (HVA) program for a federal agency. This role requires a tactical and flexible operator who can shift seamlessly between execution and enablement. Onsite work in DC is expected.

Key Responsibilities

• Perform vulnerability and penetration testing NT1 HVAs under defined rules of engagement
• Identify, document, and analyze technical vulnerabilities
• Assess impacts and contribute to full lifecycle risk analysis 
• Produce comprehensive appendices with exploit results, findings, and risk classifications
• Collaborate closely with the Technical Lead on assessment reporting and deliverables

• AES certification under CISA's HVA Assessment and Evaluation (AES) Program
• 5+ years of experience in penetration testing, ethical hacking, or red team engagements
• Proficiency with tools such as Burp Suite, Metasploit, Nessus, Nmap, and others
• Strong understanding of FISMA, HVA, and DHS cybersecurity guidelines
• Must be able to obtain a Public Trust or higher clearance

• Experience supporting federal agencies (DHS, DOT, IRS, DoD)
• Certifications such as Security+, CISSP, or PMP
• Familiarity with ISO standards and working in Agile environments

Powered by JazzHR