- Analyze the organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
- Conduct and/or support authorized penetration testing on enterprise network assets.
- Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.
- Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
- Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
- Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews).
- Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).
- Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information systems and processes).
- Conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Assessing the robustness of security systems and designs.
- Detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
- Mimicking threat behaviors.
- Use of penetration testing tools and techniques. (e.g., Burp suite, Metasploit, Wireshark, Kali Linux).
- Use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
- Using network analysis tools to identify vulnerabilities. (e.g., Nessus, Verodin).
- Reviewing logs to identify evidence of past intrusions.
- Conducting application vulnerability assessments.
- Performing impact/risk assessments.
- Developing insights about the context of an organization's threat environment
- Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Identify systemic security issues based on the analysis of vulnerability and configuration data.
- Apply programming language structures (e.g., source code review) and logic.
- Share meaningful insights about the context of an organization's threat environment that improve its risk management posture.
- Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- US citizen
- Active Top Secret/Sensitive Compartmented Information (TS/SCI) clearance, eligible for Counterintelligence (CI) Polygraph.
- IAT Level 2 certification (e.g., CySA+, GSEC, Security+ CE) and two Penetration Testing Certifications (e.g., GPEN, GWAT, GCIH, CEH, GPYC, LPT, CPT).
- Bachelor's degree or higher from an accredited college or university in Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.
- Possible travel within the Continental United States (CONUS) and Outside CONUS (OCONUS).
- Conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Assessing the robustness of security systems and designs.
- Detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
- Mimicking threat behaviors.
- Use of penetration testing tools and techniques. (e.g., Burp suite, Metasploit, Wireshark, Kali Linux).
- Use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
- Using network analysis tools to identify vulnerabilities. (e.g., Nessus, Verodin).
- Reviewing logs to identify evidence of past intrusions.
- Conducting application vulnerability assessments.
- Performing impact/risk assessments.
- Developing insights about the context of an organization's threat environment
- Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Identify systemic security issues based on the analysis of vulnerability and configuration data.
- Apply programming language structures (e.g., source code review) and logic.
- Share meaningful insights about the context of an organization's threat environment that improve its risk management posture.
- Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
-
VULNERABILITY ASSESSMENT ANALYST
3 hours ago
CALIBRE St. Louis, United StatesCALIBRE Systems Inc., an employee-owned Management Consulting and Digital Transformation Company is seeking a Vulnerability Assessment Analyst (Mid-level) that will perform assessments of systems and networks within a Government enclave and identify where those systems/networks d ...
-
Vulnerability Assessment Analyst
3 weeks ago
CALIBRE St. Louis, United StatesCALIBRE Systems Inc., an employee-owned Management Consulting and Digital Transformation Company is seeking a Vulnerability Assessment Analyst (Mid-level) that will perform assessments of systems and networks within a Government enclave and identify where those systems/networks d ...
-
Senior Climate Risk Assessment Analyst
2 weeks ago
Logistics Management Institute Saint Louis, United StatesOverview · LMI: Innovation at the Pace of Need · At LMI, we're reimagining the path from insight to outcome at The New Speed of Possible. Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission succe ...
-
Security Analyst
3 weeks ago
Transact Campus St. Louis, United StatesTransact is the leader in innovative payment, mobile credential, and commerce solutions for a connected campus. Our mission is to create compelling technology that uniquely simplifies campus operations and makes a meaningful difference in students' lives. With a highly configurab ...
-
virtual bcba
1 day ago
SpringHealth Behavioral Health and Integrated Care St. Louis, MO, United StatesOur Company: · SpringHealth Behavioral Health and Integrated Care · Overview: · Virtual BCBA Position · At SpringHealth our therapy team executes customized treatment plans that deliver real results and exceed patients' expectations. · If you're motivated to give our clients a mo ...
-
Analytic Methodologist, Senior
3 weeks ago
Booz Allen Hamilton St. Louis, United States Full timeJob Number: R0193197 · Analytic Methodologist, SeniorThe Opportunity: · Critical decisions are made every single day in our government. What if you could use your analytical skills to help them make informed decisions? With all the information available today, it takes a skilled ...
-
Data Scientist- Journeyman
2 weeks ago
ECS St. Louis, United StatesECS is seeking a Data Scientist- Journeyman to work in our St Louis, MO office. · Job Description: · ECS is seeking a Data Scientist- Journeyman to work in our St Louis, MO office. · This offer is contingent upon acceptance by the government customer, validation of appropriate ...
-
Analyst Corporate Development
2 weeks ago
Core and Main St. Louis, United States Full timeJob Summary · The Corporate Development Analyst will work as an individual contributor on the Corporate Development team focused on a variety of initiatives in a fast-paced learning- and growth-oriented environment. The major tasks, responsibilities, and accountabilities for the ...
-
IT Associate I
2 weeks ago
Stifel St. Louis, United States Full timeSummary · Under general supervision, the IT Service Desk Associate has primary responsibilities as the first point of contact in IT. Through multiple channels, the Analyst accurately logs and manages requests, incidents, and problems, assessing the services and customers impacted ...
-
Information Security Analyst III
5 days ago
V-Soft Consulting St. Louis, United States Direct HireInformation Security Analyst III · Primary Location: St Louis, Missouri · V-Soft Consulting is currently hiring for an Information Security Analyst III for our premier client in St Louis, Missouri. · WHAT YOU'LL NEED: · Technical Requirements and Certifications »Completion of one ...
-
Credit & AR Manager
2 weeks ago
Hogan St. Louis, United States Full timeJob Summary · We are looking for an experienced Credit and Accounts Receivable Manager to manage and provide work guidance to a team of four Credit and Accounts Receivable Analysts as well as work cross-functionally with the Sales, Billing, Accounting, and Cash Application teams. ...
-
Lead Analyst
2 weeks ago
Cigna Health and Life Insurance Company St. Louis, United StatesLead Analyst - Regulated Markets Issue Management - Express Scripts - Hybrid page is loaded · Lead Analyst - Regulated Markets Issue Management - Express Scripts - Hybrid · Apply · remote type · Hybrid · locations · MO, St. Louis, One Express Way · TN, Franklin, 730 Cool S ...
-
Cyber Security Operations 3
2 weeks ago
GDIT St. Louis, United States Full timeJob Description: · TCS is hiring a new member to our Cyber Security Operations 3 - Hunt Services team. This role will proactively search for indicators of compromise on NCE systems through planned Hunt missions.Assign the Cybersecurity Operations Manager to direct and oversee all ...
-
MassGenics St. Louis, United States ContractInnova solutions is hiring for a Workflow Management Consultant · Title: Workflow Management Consultant · Locations: St Louis, MO · Duration: 6+ Months Contract · Position Type: Contract · Skills Required: · 3 years of relevant experience. The real need is a fresh set of eyes so ...
-
Data Analytics/Data Science Analyst
2 weeks ago
Elevance Health St. Louis, United States Full timeJob Description · : Data Analytics/Data Science Analyst · Location: This position will work a hybrid model (remote and office). An ideal candidate must live within 50 miles of one of our Elevance Health PulsePoint locations listed here: Chicago, IL; Indianapolis, IN; St. Loui ...
-
Business Analyst II
3 weeks ago
Elevance Health St. Louis, United States Full timeJob Description · : Business Analyst II · Location : This position will work a hybrid model (remote and office). The ideal candidate will live within 50 miles of one of our Elevance Health PulsePoint locations. · The BUSINESS ANALYST II is responsible for identifying, analyzi ...
-
MassGenics St. Louis, United States ContractInnova solutions is hiring for a Workflow Management Consultant · Title: Workflow Management Consultant · Locations: St Louis, MO · Duration: 6+ Months Contract · Position Type: Contract · Skills Required: · 3 years of relevant experience. The real need is a fresh set of eyes so ...
-
Ampcus Incorporated St. Louis, United States ContractServiceNow Vulnerability Response Administrator · Candidates must be local to St. Louis MO, Bloomfield CT, or Bloomington MN. Core hours are 8 am-5 pm EST, M-F. · Duties:The ServiceNow Vulnerability Response Administrator will be a crucial member of the Vulnerability Managemen ...
-
Linux Administrator
6 days ago
CACI St. Louis, United StatesLinux Administrator - ACASJob Category: Information TechnologyTime Type: Full timeMinimum Clearance Required to Start: TS/SCIEmployee Type: RegularPercentage of Travel Required: Up to 10%Type of Travel: Local* * *CACI IS THE WINNER of a long-term prime contract with the National ...
-
Geodetic Surveyor
2 weeks ago
National Geospatial-Intelligence Agency (NGA) St. Louis, United StatesExternal Header Source: External Applicants Only · Open: · Closed: · Band: 02 · Location: St Louis, MO · Developmental Assignment CAREER ADVANCEMENT PROGRAM: All Professional Work Category positions advertised at a Pay Band 2 are part of NGA's Career Advancement Program (CAP) ...
Vulnerability Assessment Analyst - St. Louis, United States - CALIBRE
Description
CALIBRE Systems Inc., an employee-owned Management Consulting and Digital Transformation Company is seeking a Vulnerability Assessment Analyst (Mid-level) that will perform assessments of systems and networks within a Government enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. The analyst will measure the effectiveness of defense-in-depth architecture against known vulnerabilities.
The Vulnerability Assessment Analyst's responsibilities include, but are not limited to, the following:
Required Skills
Desired skills: the Vulnerability Assessment Analyst should have the ability to:
Required Experience
Desired skills: the Vulnerability Assessment Analyst should have the ability to: