Senior Cyber Vulnerability Analyst

Program Overview

About The Role

Responsibilities include, but are not limited to:

• Utilize off ensive toolsets such as Metaspolit and Kali Linux to safely analyze and penetration test production networks and systems, documenting steps and procedures to produce usable vulnerability assessments for the customer
• Identify and investigate vulnerabilities, asses exploit potential, and document findings and remedies for presentation to facilitate mitigations on customer systems
• Perform planning, execution, and documentation of penetration testing missions in accordance with Red Team methodologies
• Perform web application testing using tools such as Burp Suite, Zap Proxy, Skipfish and Nikto, and open source toolsets
• Travel to customer sites to perform network security evaluations, penetration tests, and brief customers on findings
• Perform daily cyber threat research and present findings to the organization to maintain knowledge of current adversary tactics, techniques and procedures and how to apply them. Brief staff and leadership on these findings
• Perform open-source intelligence gathering to prepare for missions
• Write reports of vulnerabilities to increase customer situational awareness and improve the customer’s cyber security posture
• Assist all sections of the Defensive Cyber Operations team as required in performing Analysis, System Administration, and other duties asassigned
• Contribute to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations
• Write reports of remotely exploitable vulnerabilities to increase customer situational awareness and improve the customer’s cyber security posture
• Prepare and present technical reports and briefings

Qualifications

Basic Qualifications:

• Active Top-Secret/SCI
• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD
• Certified Ethical Hacker (CEH)
• Certified Penetration Tester (GPEN)
• Possess DoD 8570.01-M Information Assurance Technician (IAT) Level II Baseline Certification
• Must posses an active, OR have the ability to obtain within 90 days of hire date, an ITIL Foundations Certification
• Must have a full, complete, and in-depth understanding of all aspects of Defensive Cyber Operations
• Must possess an in-depth understanding of penetration testing methodology, including recon, exploit, persistence, etc.
• Must have a solid understanding of networking protocols, their uses, and their potential misuses
• Programming experience in one or more languages, experience in HTLM/CSS or SQL
• Experience with one or more scripting languages such as PowerShell, Bash, Python or Perl

Desired Qualifications:

• Offensive Security OSCP
• Army Certified Penetration Tester (or Instructor)
• DoD 8570 IAT III (CISSP, CASP, CISA, GCED, GCIH)
• Fluency in one or more programming language (e.g.,Python, C#, Golang)
• In-depth understanding of physical penetration test ng or PACS
• Demonstrated ability to produce written deliverables and brief senior leadership
• Self-starter with excellent judgment, capable of independent decision making

#FortHuachuca

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $146,000 - $234,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.