Cyber Vulnerability Assessment Analyst - Springfield, United States - Quantum Research Int'l

Quantum Research Int'l
Quantum Research Int'l
Verified Company
Springfield, United States

3 weeks ago

Mark Lane

Posted by:

Mark Lane

beBee recruiter
Description

Job Description:


Overview:


Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Allied
governments and industry in the following main areas: (1) Cybersecurity, High Performance Computing Systems, Cloud Services and Systems; (2) Space and Ground Support Systems; (3) Aviation Systems; (4) Missile Systems; (5) Artificial Intelligence/ Machine Learning Systems and Experimentation/Training; and (6) Audio Visual Systems and Services. Quantum's Corporate Office is in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation's Warfighters. In addition to our corporate office, we have physical locations in Aberdeen; MD; Colorado Springs, CO; Orlando, FL; Crestview, FL; and Tupelo, MS.


As a member of the
NGA DEFENDER Cybersecurity Risk Management team, the contractor executes the risk management framework (RMF) in accordance with NIST SP R2 (or subsequent versions) and NGA's RMF Implementation Guide (RIG) for all NGA-authorized systems.

This position is available immediately and supports the National Geospatial-Intelligence Agency (NGA) onsite at NGA headquarters in Springfield, VA.


Responsibilities:


  • Performing assessments of systems and networks within the network environment or enclave and identifying where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
  • Developing measures of effectiveness for defenseindepth architectures against known vulnerabilities.
  • Identifying systemic security issues based on the analysis of vulnerability and configuration data.
  • Sharing meaningful insights about the context of an organization's threat environment that improve its risk management posture.

Requirements:


  • Bachelor's degree in Computer Science or Information Systems or other technically relevant degree. In lieu of degree, CFR, Cloud+, CySA+, GCED, GICSP or PenTest+ may be accepted
  • Knowledge of Government standards for data security such as markings, handling of classified and unclassified information, and how to handle the distribution of this information
  • Knowledge of computer networking concepts and protocols, and network security methodologies, risk management processes (e.g., methods for assessing and mitigating risk), and laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Knowledge of cyber threats and vulnerabilities, and operational impacts of cybersecurity lapses.
  • Knowledge of cryptography and cryptographic key management concepts and host/network access control mechanisms (e.g., access control list, capabilities list).
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
  • Knowledge of cyberattack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • IAM or IAT Level Two.

Desired/Preferred Skills

  • Conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Assessing the robustness of security systems and designs.
  • Detecting host and networkbased intrusions via intrusion detection technologies (e.g., Snort).
  • Mimicking threat behaviors and the use of penetration testing tools and techniques.
  • Using network analysis tools to identify vulnerabilities. (e.g., fuzzing, Nmap, etc.).
  • Conducting ethical hacking and penetration testing following established principles and techniques.

Equal Opportunity Employer/Affirmative Action Employer M/F/D/V:All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
More jobs from Quantum Research Int'l
See all jobs of Quantum Research Int'l