Vulnerability Assessment and Management SME with Security Clearance
4 weeks ago
Vulnerability Assessment and Management SME performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy
They measure the effectiveness of defense-in-depth architecture against known vulnerabilities
Responsibilities:
• Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
• Ability to apply programming language structures (e.g., source code review) and logic.
• Ability to share meaningful insights about the context of an organization's threat environment that improve its risk management posture.
• Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Knowledge of cybersecurity and privacy principles.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of specific operational impacts of cybersecurity lapses.
• Knowledge of application vulnerabilities.
• Knowledge of cryptography and cryptographic key management concepts
• Knowledge of data backup and recovery.
• Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
• Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
• Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
• Knowledge of programming language structures and logic.
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of systems diagnostic tools and fault identification techniques.
• Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
• Knowledge of interpreted and compiled computer languages.
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
• Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
• Knowledge of system administration, network, and operating system hardening techniques.
• Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
• Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
• Knowledge of ethical hacking principles and techniques.Qualifications:
• Must possess a Secret clearance
About the Organization About Markesman Group Markesman Group has gathered the nation's foremost experts in Cyber, ISR, Enterprise IT and Intelligence Analysis
We seek to lead with cutting edge technology, high quality development and best value services for both the government and commercial sectors
Our team combines passion, acumen, focus, patriotism, desire, dedication and the love for the job to create value for our customers
We pride ourselves in a rigorous selection process because not only do we want the best, we want the best to want us
Working closely together as part of a service-disabled veteran owned small business, we enjoy a family environment where teammates challenge and elevate each other every day
The Markesman family is always striving to solve tomorrow's problems, today
EOE Statement We are an Equal Opportunity/Affirmative Action Employer
We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law
This position is currently accepting applications.
-
Vulnerability Assessment Analyst Sr
4 weeks ago
Fort Meade, United States Athena Technology Group, Inc. Full timeJob DescriptionJob DescriptionDescription/Job SummaryVulnerability Assessment Analyst - Senior Job Location: Fort Meade, MD Job Category: Position Type: Full Time, 40 hours per week Athena Technology Group, Inc. is a Service-Disabled Veteran Owned /Small Business (SDVOSB) focused on Information Technology and Communications consulting, system engineering,...
-
Vulnerability Assessment Analyst Journeyman
2 weeks ago
Fort Meade, United States Athena Technology Group, Inc. Full timeJob DescriptionJob DescriptionDescription/Job SummaryVulnerability Assessment Analyst - Journeyman Job Location: Fort Meade, MD Job Category: Position Type: Full Time, 40 hours per week Athena Technology Group, Inc. is a Service-Disabled Veteran Owned /Small Business (SDVOSB) focused on Information Technology and Communications consulting, system...
-
Cloud Engineer ~ SME
3 weeks ago
Fort Meade, United States Invictus International Consulting, LLC Full timeJob DescriptionJob DescriptionTitle: Cloud Engineer ~ SMELocation: Fort Meade, MD Clearance: TS/SCI with a CI polygraphResponsibilities:Perform in a Security Engineer, Subject Matter Expert, role responsible for the design, configuration, testing, and deployment, of cloud provider services such as AWS, Azure, Oracle, IBM, Google Cloud, etc. and cloud-based...
-
Senior Vulnerability Analyst
3 weeks ago
Fort Meade, United States Two Six Technologies Full timeTwo Six Technologies is looking to add a SeniorVulnerability Analyst to our team. This role will be responsible for identifying and determining attack paths on a given system to develop effective mitigations and detection mechanisms. A strong candidate for this role will have performed vulnerability research or vulnerability analysis for the purpose of...
-
Technology Vulnerability Analyst
4 weeks ago
Meade, United States National Security Agency (NSA) Full timeResponsibilitiesAre you an emerging or seasoned network professional who wants to work our nation's tough cybersecurity problems? Do you enjoy deeply technical, hands-on work? Do you want to identify vulnerabilities in network infrastructure devices and then figure out how to deal with them? Are you looking to make an impact in cybersecurity and advance your...
-
Cyber Security
2 weeks ago
Fort Meade, United States Y-Tech, LLC Full timeJob DescriptionJob DescriptionCyber Security Assessment and Authorization (A&A) EngineerCyber Security/Information Assurance A&A Engineer is responsible for security processes and implementation supporting a large DoD customer on a new multi-year contract. Position Overview: The A&A Engineer will perform, review, and conduct technical security...
-
Cyberspace Policy Analyst and SME
3 weeks ago
Fort Meade, United States Farfield Systems Full timeJob DescriptionJob DescriptionAbout Farfield Systems, Inc.At Farfield we are committed to delivering trusted expertise to our government clients. As we grow, our focus is on increasing opportunities for you to grow with us while still delivering the same excellence customers have grown to expect from us. We continually evaluate our environment to provide a...
-
Cryptographic Vulnerability Analyst
4 weeks ago
Meade, United States National Security Agency (NSA) Full timeResponsibilitiesDo you want to build Cyber capabilities and capacity to enable national security operations? Do you want to be at the forefront of Cyber defense, tackling a complex mission to protect against the threats of today and tomorrow? If so, NSA is the place for you Cryptographic Vulnerability Analysts play a critical role in enabling security...
-
Security Engineer, Vulnerability Management
3 weeks ago
Fort Worth, United States RingCentral Full timeSecurity Engineer, Vulnerability Management: (Belmont CA, Denver CO, Dallas TX) RingCentral is the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction-giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. As part of the...
-
Security Engineer, Vulnerability Management
2 weeks ago
Fort Worth, United States RingCentral Full timeSecurity Engineer, Vulnerability Management: (Belmont CA, Denver CO, Dallas TX) RingCentral is the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction-giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. As part of the...
-
Cybersecurity Process Engineer
2 weeks ago
Fort Meade, United States Global Enterprise Services, LLC Full timeThe Cybersecurity Process Engineer – Senior provides cybersecurity expertise and Service Management process guidance to support the Defense Information System Agency (DISA) technology infrastructure. Assesses system risks and facilitate remediation of security vulnerabilities. Using ITSM process experience, report on findings and provide recommendations...
-
Knowledge Manager, Mid
1 week ago
Fort Meade, United States Jacobs Full timeYour Impact:Jacobs is seeking experienced Knowledge Managers (KM) to support the U.S. Army. Knowledge Managers support development of KM systems by designing and implementing SharePoint process improvement solutions; aligning processes and technology to enable information sharing; shaping workflows and processes with peripheral databases, content management,...
-
Cyberspace Intelligence Analyst II
3 weeks ago
Fort Meade, United States TechGuard Security Full timeJob DescriptionJob DescriptionServes as an Intelligence Specialist with responsibilities for participating in the production of all-source intelligence products pertaining to cyberspace operation and planning activities. Applies a wide range of intelligence analytic skills to monitor, assess, and report on cyberspace operations, capabilities,...
-
Information Systems Security Manager
4 weeks ago
Fort Bragg, North Carolina, United States Logistics Management Institute Full timeOverview: LMI is seeking a Senior Cybersecurity Information Systems Security Manager (ISSM) with a minimum of a SECRET clearance to provide cybersecurity Risk Management Framework (RMF) Authority to Operate (ATO) support for a United States Army client helping to develop platform architecture. LMI is a consultancy dedicated to powering a future-ready,...
-
Cybersecurity Process Engineer
3 weeks ago
Fort Meade, United States Global Enterprise Services, LLC Full timeJob DescriptionJob DescriptionThe Cybersecurity Process Engineer – Senior provides cybersecurity expertise and Service Management process guidance to support the Defense Information System Agency (DISA) technology infrastructure. Assesses system risks and facilitate remediation of security vulnerabilities. Using ITSM process experience, report on...
-
Information System Security Engineer
4 weeks ago
Fort Belvoir, United States LMI Full timeOverviewArmy Data and Analytics Platforms (ARDAP) is seeking a Cybersecurity Information Systems Security Engineer (ISSE) to join a team supporting data and analytics platforms for the US Army. The Cybersecurity ISSE will work with a team of cyber, technical, and program subject matter experts to capture and refine information security requirements and...
-
Information System Security Engineer
3 weeks ago
Fort Belvoir, United States LMI Full timeOverviewArmy Data and Analytics Platforms (ARDAP) is seeking a Cybersecurity Information Systems Security Engineer (ISSE) to join a team supporting data and analytics platforms for the US Army. The Cybersecurity ISSE will work with a team of cyber, technical, and program subject matter experts to capture and refine information security requirements and...
-
Security Engineer, Vulnerability Management
2 days ago
Fort Worth, United States RingCentral Full timeSecurity Engineer, Vulnerability Management: (Remote US): RingCentral is the global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction-giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. As part of the RingCentral CISO team,...
-
Air and Space Domain Operations and Intelligence
4 weeks ago
Fort Belvoir, United States The Intelligence & Security Academy Full time**Company Overview**: Founded over 20 years ago and headquartered in Arlington, Virginia, The Intelligence & Security Academy, LLC provides consulting services to federal clients in Intelligence and National Security matters and specializes in delivering strategic consulting and innovative solutions. ISA also provides education & training to federal...
-
Information Systems Security Manager
4 weeks ago
Fort Meade, United States Jacobs Full timeYour Impact:Jacobs is seeking an Information Systems Security Manager (ISSM) Senior (Sr) for a prime contract that is based out of our Columbia, MD office. As the ISSM Sr, you will serve on a team that is responsible for the Authorization and Assessment process under the Risk Management Framework (RMF) for new and existing information systems and will be...