Want to help build a World-Class Cyber Incident Reporting Team? Do you want to immediately make a positive impact on U.S. National Security?
This is part of the work that SecureTech Vulnerability Assessors do every day in support of the nation's Intelligence Community.
We perform ongoing, comprehensive vulnerability assessments of network cybersecurity risks to enable risk management and mitigation activities. We monitor the adequacy of cybersecurity measures for information systems and report vulnerability findings to the Cybersecurity Service Provider (CSSP) Watch leadership. We utilize vulnerability data sources such as network discovery, network and host vulnerability scanning, penetration testing, operational exercise data, and compliance inspection reports to identify security vulnerabilities and exposures. We assess asset conformity to specified security requirements.
As a SecureTech Vulnerability Assessor we are looking for knowledge and abilities such as:
Knowledge of Common Vulnerabilities and Exposures (CVEs), cyber threats, and vulnerability mitigation strategies.
Ability to conduct research and analysis to stay up to date with current vulnerabilities, provide detailed risk analysis and potential impact.
Utilization of multiple data sources to determine a vulnerability’s security impact on the enterprise.
Ability to analyze, assess, compile, and prioritize vulnerabilities to document and communicate mitigation recommendations.
Ability to communicate written and verbal information in a timely, clear, and concise manner.
Application of cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Understanding of network security architecture concepts such as topology and protocols.
Understanding of what constitutes network risk, cyberattacks, and the relationship between threats and vulnerabilities.
Ability to analyze vulnerability scans, and recognize security implications of vulnerabilities and assess within the context of the risk management process.
Experience with or ability to utilize analysis tools, such as Verodin, Nessus, or RedSeal, to identify vulnerabilities.
Experience writing comprehensive risk assessments on vulnerability impacts.
Able to utilize automated and manual testing methods to validate the vulnerability testing methods; discover inadequate security practices.
Able to identify secondary effects of vulnerabilities and exposures, as well as the impact of the mitigations applied to them.
Perform after-action reviews of team products to ensure completion of analysis.
Able to lead and mentor team members as a technical expert.
These are things that our analysts do every day!
To get started in this exciting opportunity, you need a TS/SCI clearance with at least a CI polygraph. Additional qualifications include four (4) years of demonstrated experience as a Vulnerability Analyst (a technical bachelor's degree can substitute for 2 years of experience), one (1) year of technical reporting, and one (1) year experience in network and threat analysis. The following certifications are required as well:
- DoD 8570 IAT Level II (Sec+ CE, CySA+, CCNA-Security, GSEC, etc.) - DoD 8570 Computing Environment (MS Windows, Linux, CentOS, ServiceNow, etc.) - SPLUNK Fundamentals 1 Don't have all these certs? Apply anyway! We can work with you!
Why come to the SecureTech family?
- We really do consider employees first in decisions. It is hard enough to work through the personal/social/technical hurdles that come with your position as a cleared defense contractor - no need to fight your own employer's red tape as well.
- We offer a compensation package that is more than just commensurate with this closed contractor community. We offer generous benefits (PTO, training support, etc) in addition to the high salaries. We know that you know - salary isn't everything.
- SecureTech is an Equal Opportunity Employer – we hire the right people for the job - regardless of employment status such as female, minority, protected veterans, individuals with disabilities, etc.
Our concern is that you are qualified for the position, and that you are placed in a position in which you can be successful!
Apply now! Multiple positions awaiting your expertise! Resume to firstname.lastname@example.org