- Analyze the organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
- Conduct and/or support authorized penetration testing on enterprise network assets.
- Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.
- Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
- Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
- Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews).
- Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).
- Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information systems and processes).
- Conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Assessing the robustness of security systems and designs.
- Detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
- Mimicking threat behaviors.
- Use of penetration testing tools and techniques. (e.g., Burp suite, Metasploit, Wireshark, Kali Linux).
- Use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
- Using network analysis tools to identify vulnerabilities. (e.g., Nessus, Verodin).
- Reviewing logs to identify evidence of past intrusions.
- Conducting application vulnerability assessments.
- Performing impact/risk assessments.
- Developing insights about the context of an organization's threat environment
- Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Identify systemic security issues based on the analysis of vulnerability and configuration data.
- Apply programming language structures (e.g., source code review) and logic.
- Share meaningful insights about the context of an organization's threat environment that improve its risk management posture.
- Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- US citizen
- Active Top Secret/Sensitive Compartmented Information (TS/SCI) clearance, eligible for Counterintelligence (CI) Polygraph.
- IAT Level 2 certification (e.g., CySA+, GSEC, Security+ CE) and two Penetration Testing Certifications (e.g., GPEN, GWAT, GCIH, CEH, GPYC, LPT, CPT).
- Bachelor's degree or higher from an accredited college or university in Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.
- Possible travel within the Continental United States (CONUS) and Outside CONUS (OCONUS).
-
Vulnerability Assessment Analyst
3 days ago
Calibre Inc Springfield, United StatesCALIBRE Systems Inc., an employee-owned Management Consulting and Digital Transformation Company is seeking a Vulnerability Assessment Analyst (Mid-level) that will perform assessments of systems and networks within a Government enclave and identify where those systems/networks d ...
-
Cyber Cloud Vulnerability Assessment Analyst
3 days ago
SAIC Chantilly, United StatesJob ID: · **Location**:CHANTILLY, VA, US · **Date Posted**: · **Category**:Cyber · **Subcategory**:Cyber Engineer · **Schedule**:Part-Time · **Shift**:Day Job · **Travel**:No · **Minimum Clearance Required**:TS/SCI with Poly · **Clearance Level Must Be Able to Obtain**:None · * ...
-
West Advanced Technologies Springfield, United StatesSenior Cyber Vulnerability Assessment Analyst · Location: Springfield, Virginia · Contract Term: 6 months · Visa: USC, GC or H1-B · Project/Role Description: · The key is someone who can analyze vulnerabilities in connected devices - such as cameras, badges and come up ...
-
Cyber Incident Assessment Analyst
1 day ago
Phia Arlington, United StatesAt phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients. · phia is hiring a · Cyber Incident Assessment Analyst · to support a ...
-
insider threat assessment analyst
2 weeks ago
Department Of Defense Alexandria, United States Full timeSummary · DCSA's DOD Insider Threat Management and Analysis Center (DITMAC) is seeking a Prevention Assistance & Response (PAR) Coordinator. As such you will provide technical assistance to the installation and tenant Commander(s) in addressing matters concerning PAR and facilita ...
-
Hybrid Security Design Assessment Analyst
5 days ago
Shuvel Digital Arlington, United StatesLocation: Arlington, VA · Clearance: DoD Secret · Certification: CompTIA Sec+ is required. · Job Description: The Security Design Assessment analyst will provide support to the Security Design Architecture Team. · Ensure design solution complies with security requirements at ...
-
Senior Assessment and Authorization Analyst
5 hours ago
Summit Technologies Hyattsville, United StatesSummit Technologies, Inc. is currently seeking a Senior Assessment and Authorization Analyst (A&A) for a potential contract in Adelphi, MD.In this role you will serve as the Lead for the Assessment and Authorization team responsible for team tasking, deliverables, and managing pr ...
-
Base One Technologies Washington, United StatesOur DC metro based client is looking for a Vulnerability Assessment Analyst Local candidates are preferred. In person meeting is required prior hiring. US CITIZENSHIP AND ACTIVE TS ARE required for this opening. Tier 3 Analyst All Tier 3 Analyst candidates shall have a minimum of ...
-
Senior Assessment and Authorization Analyst
3 days ago
Summit Technologies, Inc. Hyattsville, United StatesJob Description · Job DescriptionSummit Technologies, Inc. is currently seeking a Senior Assessment and Authorization Analyst (A&A) for a potential contract with our government client. In this role you will serve as the Lead for the Assessment and Authorization team responsible f ...
-
RMF/Security Assessment Analyst
6 days ago
VMR Strategic Solutions Derwood, United StatesJob Description · Job Description · Job Type: Full Time · Location: Columbia, Md. · Clearance: TS/SCI w/Polygraph · VMR Strategic Solutions is seeking an RMF/Security Assessment. Are you interested in joining a dynamic team responsible for supporting USCYBERCOM's internal co ...
-
RMF/Security Assessment Analyst
3 days ago
VMR Strategic Solutions Derwood, United StatesJob Description · Job DescriptionJob Type: Full Time · Location: Columbia, Md. · Clearance: TS/SCI w/Polygraph · VMR Strategic Solutions is seeking an RMF/Security Assessment. Are you interested in joining a dynamic team responsible for supporting USCYBERCOM's internal command IT ...
-
Cyber Vulnerability Assessment Analyst
2 weeks ago
Leidos Ashburn, United StatesDescription · Department of Homeland Security (DHS) Network Operations Security Center (NOSC) is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS NOSC has primary resp ...
-
Cyber Cloud Vulnerability Assessment Analyst
5 days ago
SAIC Chantilly, United StatesDescription · SAIC is seeking a Principal Cyber Security Cloud Analyst, to serve as a member of a Vulnerability Assessment program. This position is located in Chantilly, VA and requires an a ctive TS/SCI with Polygraph . · The hired individual will perform the following key role ...
-
PCI DSS Risk Assessment Analyst
17 hours ago
TestPros Quantico, United StatesCompany Overview · TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Managem ...
-
Cyber Cloud Vulnerability Assessment Analyst
3 days ago
SAIC Career Site CHANTILLY, United StatesDescription · SAIC is seeking a Principal Cyber Security Cloud Analyst, to serve as a member of a Vulnerability Assessment program. This position is located in Chantilly, VA and requires an active TS/SCI with Polygraph. · The hired individual will perform the following key roles ...
-
PCI DSS Risk Assessment Analyst
4 days ago
TestPros Quantico, United StatesJob Description · Job DescriptionCompany Overview · TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capa ...
-
PCI DSS Risk Assessment Analyst
1 day ago
TestPros Quantico, United StatesTestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversig ...
-
Anonymous Employer Ashburn, United StatesOur Arlington VA based client is looking for Cyber Vulnerability Assessment Analyst. If you are qualified for this position, please email your updated resume in word format to Required Education/Experience · Bachelors' degree from an accredited college in a related discipline, or ...
-
Open-source Intelligence Analyst
3 days ago
Cintel Inc Fort Belvoir, United StatesPOSITION: Open-Source Intelligence Analyst · LOCATION: Ft. Belvoir, VA · TRAVEL REQUIREMENTS: May be required to travel · SUPERVISORY RESPONSIBILITIES: No · Overview: · Cintel, Inc. is seeking an experienced Open-Source Intelligence Analyst to provide support to our government cu ...
-
All Souce Intelligence Analyst
3 days ago
QinetiQ US Fort Belvoir, United StatesCompany Overview: · We are a world-class team of professionals who deliver next generation technology and products in robotic and autonomous platforms, ground, soldier, and maritime systems in 50+ locations world-wide. Much of our work contributes to innovative research in the fi ...
Vulnerability Assessment Analyst - Springfield, United States - CALIBRE Systems
Description
Job DescriptionCALIBRE Systems Inc., an employee-owned Management Consulting and Digital Transformation Company is seeking a Vulnerability Assessment Analyst (Mid-level) that will perform assessments of systems and networks within a Government enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. The analyst will measure the effectiveness of defense-in-depth architecture against known vulnerabilities.
The Vulnerability Assessment Analyst's responsibilities include, but are not limited to, the following:
