VULNERABILITY ASSESSMENT ANALYST

2 weeks ago


Fort Belvoir, United States Quantum Research International Full time

Overview:
Quantum Research International, Inc. (Quantum
) is a certified DoD Contractor providing services and products to US/Allied governments and industry in the following main areas: (1) Cybersecurity, High Performance Computing Systems, Cloud Services and Systems; (2) Space and Ground Support Systems; (3) Aviation Systems; (4) Missile Systems; (5) Artificial Intelligence/ Machine Learning Systems and Experimentation/Training; and (6) Audio Visual Systems and Services. Quantum’s Corporate Office is in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation’s Warfighters. In addition to our corporate office, we have physical locations in Aberdeen; MD; Colorado Springs, CO; Orlando, FL; Crestview, FL; Madison, AL, and Tupelo, MS.


Mission: As a member of the National Geospatial-Intelligence Agency (NGA) DEFENDER Computer Network Exploitation (CNE) team, the ideal candidate executes computer network operations via penetration testing and emulating Advanced Adversaries, Insider Threats, and Purple Team against NGA systems for the purpose of strengthening information system security.   Cyber Vulnerability Assessment Analysts will help develop and execute plans leveraging multiple cyber threat Tactics, Techniques and Procedures (TTP’s) to breach and/or exfiltrate data in such a way as to minimize the risk of detection by a Security Operations Center (SOC).  The positions also require the ability to protect data successfully exfiltrated from a targeted network and to provide mitigations to its exploits or observations that are resource-realistic, systemic, and actionable to buy down risk.  This position is available immediately and supports the NGA onsite (no remote or hybrid) at NGA headquarters in Springfield, VA.

 

Responsibilities: The ideal candidate will assist the customer in providing technical and engineering support to sensitive and highly regulated CNE operations designed to identify vulnerabilities subject to Advanced Persistent Threats (APT) or other emerging, time sensitive cyber threats on the customers networks.  This includes:

 

  • Performing assessments of systems and networks within the network environment or enclave and identifying where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. 
  • Developing measures of effectiveness for defense-in-depth architectures against known vulnerabilities.
  • Identifying systemic security issues based on the analysis of vulnerability and configuration data.
  • Applying programming language structures (e.g., source code review) and logic.
  • Sharing meaningful insights about the context of an organization’s threat environment that improve its risk management posture. 
  • Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Other duties as they relate to the contract/mission and customer requirements

 

 Requirements:

  • TS/SCI clearance, subject to CI Polygraph.
  • Bachelor’s degree (technically relevant degree preferred). In lieu of degree, Sec+, GICSP, Cloud+, GCED, PenTest+, or GSEC may be accepted.
  • Experience mimicking threat behaviors and the use of penetration testing tools and techniques.
  • Experience conducting ethical hacking and penetration testing following established principles and techniques.
  • Experience using network analysis tools to identify vulnerabilities. (e.g., fuzzing, Nmap, etc.). 
  • Knowledge of computer networking concepts and protocols, and network security methodologies, risk management processes (e.g., methods for assessing and mitigating risk), and laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. 
  • Knowledge of cyber threats and vulnerabilities, and operational impacts of cybersecurity lapses. 
  • Knowledge of cryptography and cryptographic key management concepts and host/network access control mechanisms (e.g., access control list, capabilities list). 
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities. 
  • Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). 
  • IAT Level 2 and Two Penetration Testing certifications (GPEN, GWAT, GCIH, CEH, GPYC, LPT, CPT, etc)

 

Desired/Preferred Skills:

  • Conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Assessing the robustness of security systems and designs.
  • Detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
  • Reviewing logs to identify evidence of past intrusions and conducting application vulnerability assessments.

 #LI-Onsite #LI-JL1

 

Equal Opportunity Employer/Affirmative Action Employer M/F/D/V:

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

 



  • Fort Belvoir, United States Quantum Research International Inc Full time

    Job DescriptionJob DescriptionOverview: Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Allied governments and industry in the following main areas: (1) Cybersecurity, High Performance Computing Systems, Cloud Services and Systems; (2) Space and Ground Support Systems; (3) Aviation Systems;...


  • Fort Belvoir, United States C2 Essentials Full time

    We are seeking a highly motivated, innovative professional to deliver results. This position is located at Ft. Belvoir and requires the individual to be onsite five days a week. The Cybersecurity Analyst will play a key role in ensuring systems meet compliance and security standards. This role involves conducting in-depth analysis of vulnerability scan...


  • Fort Lauderdale, United States Collabera Full time

    Description Home Search Jobs Job Description Vulnerability/Security Analyst Contract: Ft. Lauderdale, Florida, US Salary: $60.00 Per Hour Job Code: 355868 End Date: 2024-12-13 Days Left: 2 hours left Apply Title: Vulnerability/Security AnalystLocation: Ft. Lauderdale, FL Requirements: Pen Testing Vulnerabiliy Assessment Risk Mitigation Job...


  • Fort Lauderdale, United States Collabera Full time

    Description Home Search Jobs Job Description Vulnerability/Security Analyst Contract: Ft. Lauderdale, Florida, US Salary: $60.00 Per Hour Job Code: 355868 End Date: 2024-12-13 Days Left: 5 days, 2 hours left Apply Title: Vulnerability/Security AnalystLocation: Ft. Lauderdale, FL Requirements: Pen Testing Vulnerabiliy Assessment Risk Mitigation Job...


  • Fort Lauderdale, United States TSR Consulting Services, Inc. Full time

    Our client, a leading finance company, is hiring a Vulnerability Assessments Contractor on a contract basis.Job ID #: 80879Work Location: Fort Lauderdale, FL Summary: The Vulnerability Assessments Analyst - Red Team Contractor role will participate in the Adversary Emulation program by assisting with our Special Projects Tiger Team. This team will be...


  • fort lauderdale, United States TSR Consulting Services, Inc. Full time

    Our client, a leading finance company, is hiring a Vulnerability Assessments Contractor on a contract basis.Job ID #: 80879Work Location: Fort Lauderdale, FL Summary: The Vulnerability Assessments Analyst - Red Team Contractor role will participate in the Adversary Emulation program by assisting with our Special Projects Tiger Team. This team will be...


  • Fort Lauderdale, United States TSR Consulting Services, Inc. Full time

    Our client, a leading finance company, is hiring a Vulnerability Assessments Contractor on a contract basis.Job ID #: 80879Work Location: Fort Lauderdale, FL Summary: The Vulnerability Assessments Analyst - Red Team Contractor role will participate in the Adversary Emulation program by assisting with our Special Projects Tiger Team. This team will be...


  • Fort Belvoir, United States Quadrant Full time

    Cyber Analyst Fort Belvoir, VA (On-Site) Pay From: $120,000 per yearMUST: Experienced Cyber Analyst 10+ years of experience required Top Secret clearance required with SCI eligibility Must have: CySA+, or CEH, or CISA, or PenTest+ Must also have: IAT II as described in DoD 8570.01 (Sec+) Demonstrated experience with Linux environments (Red Hat, CentOS,...


  • Fort Belvoir, United States QinetiQ U.S. Full time

    **Job Overview**We are seeking a highly skilled Advanced Blue Cyber Analyst to join our team at QinetiQ U.S. in Fort Belvoir, VA.The successful candidate will be responsible for conducting advanced cyber assessments, including technical planning and execution, and providing technical insights and recommendations to the DTRA Cyber Division Chief.Key...


  • Fort Belvoir, United States Quadrant Full time

    Cyber Analyst Fort Belvoir, VA (On-Site) Pay From: $120,000 per yearMUST: Experienced Cyber Analyst 10+ years of experience required Top Secret clearance required with SCI eligibility Must have: CySA+, or CEH, or CISA, or PenTest+ Must also have: IAT II as described in DoD 8570.01 (Sec+) Demonstrated experience with Linux environments (Red Hat, CentOS,...


  • Fort Belvoir, Virginia, United States Applied Research Associates Full time

    Job OverviewWe are seeking a highly skilled Cyber Security Analyst to join our team at Applied Research Associates, Inc. in support of the Defense Threat Reduction Agency's Nuclear Enterprise Support Directorate (NE) program.As a Cyber Security Analyst, you will be responsible for conducting cyber assessments of vulnerabilities of critical U.S. and Allied...


  • Fort Belvoir, United States System One Full time

    We are seeking a strong Cyber Analyst for a 6-month contract-to-hire opening. The position requires an active TS/SCI clearance and 100% onsite work with 30% travel. Responsibilities include understanding compliance standards and tools to assess vulnerabilities, identifying risks to mission loss or degradation, and recommending risk reduction based on DoD...


  • Fort Belvoir, United States Disability Solutions Full time

    ALTA IT is looking for a strong Cyber Analyst for a 6-month contract-to-hire opening in Fort Belvoir VA. This position requires an active TS/SCI clearance 100% onsite and 30% travel Pay rate: 60-68/hr W-2 Responsibilities: Understand both the compliance standards and the tools and techniques to assess vulnerabilities to be a part of our team. ...


  • Fort Belvoir, United States ALTA IT Services Full time

    ALTA IT is looking for a strong Cyber Analyst for a 6-month contract-to-hire opening in Fort Belvoir VA. This position requires an active TS/SCI clearance 100% onsite and 30% travel Pay rate: 60-68/hr W-2 Responsibilities: Understand both the compliance standards and the tools and techniques to assess vulnerabilities to be a part of our team. ...


  • Fort Belvoir, Virginia, United States Amentum Full time

    At Amentum, we're seeking a highly skilled Insider Threat Analyst to join our team. This critical role involves conducting threat analysis, providing assessments of threats and vulnerabilities, and producing investigative leads. As an Insider Threat Analyst, you will uncover policy violations, assess the risk posed by trusted insiders, and oversee the data...


  • Fort Belvoir, United States System One Holdings, LLC Full time

    ALTA IT is looking for a strong Cyber Analyst for a 6-month contract-to-hire opening in Fort Belvoir VA. This position requires an active TS/SCI clearance 100% onsite and 30% travel Pay rate: 60-68/hr W-2 Responsibilities: Understand both the compliance standards and the tools and techniques to assess vulnerabilities to be a part of our team. Identify...


  • Fort Belvoir, United States System One Full time

    ALTA IT is looking for a strong Cyber Analyst for a 6-month contract-to-hire opening in Fort Belvoir VA. This position requires an active TS/SCI clearance 100% onsite and 30% travel Pay rate: 60-68/hr W-2 Responsibilities: Understand both the compliance standards and the tools and techniques to assess vulnerabilities to be a part of our team. Identify...

  • Red Cell Analyst-1

    2 weeks ago


    Fort Belvoir, United States Amentum Full time

    Job DescriptionRED CELL ANALYST: Defense Threat Reduction Agency, Fort Belvoir, VAThe Analyst is responsible for gathering information based on program objectives, identifying gaps in information gathering, analysis, and course of action development pertaining to the assessment. The Analyst is responsible for researching, reviewing, editing, planning,...


  • Fort Belvoir, United States Applied Research Associates Full time

    Description The Mission Concepts & Capabilitis (MCC) divisionof Applied Research Associates, Inc (ARA) is building a team to conduct cyber assessments of vulnerabilities of critical U.S. and Allied systems, networks, infrastructures, and assets. Our team will support the Defense Threat Reduction Agency’s Nuclear Enterprise Support Directorate (NE)’s...

  • Red Cell Analyst

    3 months ago


    Fort Belvoir, United States Amentum Full time

    RED CELL ANALYST: Defense Threat Reduction Agency, Fort Belvoir, VAThe Analyst is responsible for gathering information based on program objectives, identifying gaps in information gathering, analysis, and course of action development pertaining to the assessment. The Analyst is responsible for researching, reviewing, editing, planning, preparing,...