Current jobs related to Senior Cyber Security Vulnerability Management Analyst - Annapolis - Constellation Energy

  • Cyber Security Threat Analyst

    2 days ago

    Annapolis, Maryland, United States ManTech Full time

    ManTech Senior Cyber Security AnalystWe are seeking a highly skilled Senior Cyber Security Analyst to join our team in Annapolis Junction, MD.Key Responsibilities:Compile and analyze intelligence campaigns to identify and attribute cyber threats.Gather and analyze evidence on foreign intelligence entities to address potential or real-time threats.Monitor and...

  • Senior Cyber Intelligence Analyst

    3 weeks ago

    Annapolis Junction, Maryland, United States Sentar Full time

    Position Overview The Senior Cyber Intelligence Analyst plays a pivotal role in evaluating international cyber capabilities, aiding in the creation of intelligence outputs, and supporting the development of national and military cyber strategies, doctrines, and policies. This position requires collaboration with a variety of stakeholders, including...

  • Cyber Analyst

    3 weeks ago

    Annapolis, United States Cherokee Nation Businesses Full time

    Job DescriptionCyber Analyst - Senior ***This position requires an active TS/Sensitive Compartmental Information (SCI) security clearance with the ability to obtain a Counterintelligence Polygraph clearance.*** Cherokee Analytics is seeking a Cyber Analyst to provide analytic support to the Intelligence Community. Compensation & Benefits: Pay commensurate...

  • Senior Cyber Exploitation Analyst

    2 weeks ago

    Annapolis, Maryland, United States Insight Global Full time

    About the RoleWe are seeking a highly skilled Cyber Intelligence Analyst to join our team at Insight Global. As a Cyber Intelligence Analyst, you will play a critical role in analyzing and disseminating strategic and tactical intelligence to support national security objectives.Key ResponsibilitiesPerform advanced analysis of signals intelligence (SIGINT)...

  • Vulnerability Analyst-Principal

    3 weeks ago

    Annapolis, United States NetSage Corporation Full time

    NetSage's mission is to help our customers achieve their missions by providing superior cyber services. We seek talented professionals who are interested in doing meaningful, mission-focused work for the U.S. Federal Government. We are a growing Company that puts our employees first and offers excellent pay and world-class benefits. We do not hire contract...

  • Senior Cyber Intelligence Analyst

    3 weeks ago

    Annapolis Junction, Maryland, United States Sentar Full time

    Role Overview As a pivotal member of our team, you will engage in the evaluation of international cyber capabilities, aiding in the creation of intelligence deliverables, and supporting the development of national and military cyber strategies, doctrines, and policies. Your collaboration with diverse stakeholders, including high-ranking officials and...

  • Senior Cyber Intelligence Analyst

    3 weeks ago

    Annapolis Junction, Maryland, United States Sentar Full time

    Role Overview The position involves a vital function in evaluating international cyber capabilities, aiding in the creation of intelligence deliverables, and supporting the development of national and military cyber strategies, doctrines, and policies. This role requires collaboration with various stakeholders, including high-ranking officials and...

  • Lead Analyst for 5G Security Vulnerabilities

    3 weeks ago

    Annapolis Junction, Maryland, United States Booz Allen Hamilton Full time

    Position Overview: Are you passionate about cybersecurity and the challenges of safeguarding advanced networks? As a Lead Analyst specializing in 5G security vulnerabilities, you will play a pivotal role in identifying and mitigating risks associated with cutting-edge telecommunications technologies. Your Role: In this position, you will leverage your...

  • Cyber Developer

    2 months ago

    Annapolis Junction, United States TapHere! Technology, LLC Full time

    TapHere is seeking a motivated, career and customer-oriented Cyber Developer / Vulnerability Engineer to join the team in the Annapolis Junction, MD. The position desires the Software Engineer with Development experience and knowledge of operating software programs, configuring hardware devices and develop critical procedural steps.  The position seeks...

  • Cyber Operations Analyst 2

    3 weeks ago

    Annapolis Junction, Maryland, United States The Swift Group Full time

    Job OverviewThe Swift Group is in search of skilled Cyber Operations Analysts 2 who possess a comprehensive knowledge of adversarial networks, defensive strategies, and cyber operational capabilities. The role involves formulating exploitation strategies and implementing operational modifications as these strategies are executed. Ideal candidates will also...

  • Cyber Security Analyst

    6 days ago

    Annapolis, Maryland, United States CHICKASAW NATION INDUSTRIES INC Full time

    Job SummaryWe are seeking a highly skilled Cyber Information Assurance Analyst I to join our team at CHICKASAW NATION INDUSTRIES INC. This role will provide support on our (DISA) Program, located at Annapolis Junction, MD.Key ResponsibilitiesManage the PPSM Registry Database User Accounts, PPSM Registry database system data entry, and data export to unique...

  • Cybersecurity Vulnerability Analyst

    3 weeks ago

    Annapolis Junction, Maryland, United States Booz Allen Hamilton Full time

    Position Overview:Are you passionate about safeguarding networks and systems? As a Vulnerability Assessment Analyst at Booz Allen Hamilton, you will play a pivotal role in identifying and mitigating security risks. Your expertise in network exploitation and vulnerability analysis will be crucial in enhancing our national security initiatives.Your...

  • 5G Vulnerability Analyst Lead

    2 days ago

    Annapolis Junction, Maryland, United States Booz Allen Hamilton Full time

    The OpportunityAs a seasoned network exploitation professional, you will have the opportunity to apply your expertise in vulnerability analysis, network mapping, exploitation, defensive, and IT logging process to execute offensive cyber operations that inform our nation's most critical security missions.Key ResponsibilitiesProbing targets using the latest...

  • Cyber Security Analyst

    2 days ago

    Annapolis Junction, Maryland, United States Parsons Company Full time

    Job Description:We are seeking a highly skilled Cyber Security Analyst to join our Federal Solutions team at Parsons Company. As a key member of our team, you will be responsible for conducting advanced analysis of SIGINT collection, open source data, network data, and host data to ensure target community, profile targets and their activities, and develop...

  • Cybersecurity Vulnerability Analyst

    3 weeks ago

    Annapolis, Maryland, United States SIXGEN Full time

    We are in search of a skilled Cybersecurity Penetration Tester with a robust background in supporting Cyber Mission Force Programs and Cyberspace Operations. The ideal candidate will possess extensive hacking expertise alongside experience in Training and Exercise Development. This position is situated within our Cyber division and reports directly to the...

  • Cybersecurity Vulnerability Analyst

    3 weeks ago

    Annapolis Junction, Maryland, United States Nightwing Full time

    Position Overview: As a Cybersecurity Vulnerability Analyst at Nightwing, you will engage in the critical task of examining systems to comprehend their functionality and behavior under various conditions. This role requires a dual approach, where you will both develop and counteract innovative security methodologies.Company Background: Nightwing is a...

  • 5G Vulnerability Analyst, Lead

    4 months ago

    Annapolis Junction, United States Booz Allen Hamilton Full time

    5G Vulnerability Analyst, Lead The Opportunity: Do you enjoy the thrill of the hunt? Are you motivated by the head-to-head challenge of gaining access to well-protected networks? As a network exploitation professional, you know that understanding the adversaries’ tactics, techniques, and procedures is crucial to producing the intel that enables the...

  • Cyber Network Analyst

    3 weeks ago

    Annapolis Junction, Maryland, United States Booz Allen Hamilton Full time

    About the Opportunity:We are seeking a highly skilled Cyber Network Analyst to join our team at Booz Allen Hamilton. As a Cyber Network Analyst, you will play a critical role in supporting our warfighters, protecting national security, and informing our nation's leaders.Your Key Responsibilities:Provide expert analytic support to enable cyber space...

  • Senior Information Security Analyst

    3 weeks ago

    Annapolis, Maryland, United States OPS Consulting, LLC Full time

    OPS Consulting, LLC is in search of a seasoned Senior Information Security Analyst to provide expertise in safeguarding significant federal information systems/applications.Position Overview:The Senior Information Security Analyst will be responsible for proposing, coordinating, implementing, and enforcing security policies, standards, and methodologies for...

  • Senior Exploitation Analyst

    3 weeks ago

    Annapolis, Maryland, United States The Swift Group Full time

    The Swift Group is in search of seasoned Exploitation Analysts 4 who possess extensive knowledge of adversarial networks, defensive strategies, and cyber operational capabilities. The role involves crafting exploitation strategies and implementing operational modifications as these strategies unfold. Ideal candidates will also bring expertise in programming,...

Senior Cyber Security Vulnerability Management Analyst

4 months ago

Annapolis, United States Constellation Energy Full time

COMPANY OVERVIEW

As the nation's largest producer of clean, carbon-free energy, Constellation is a company purposely-built to meet the challenges of the climate crisis. Constellation has been the leader in clean energy production for more than a decade and we are growing our company and capabilities. Now, we're accelerating, speeding our low-carbon or no-carbon power to more people in more places, day and night, providing our customers and communities with options to buy, manage and use energy as part of their decarbonization mission. The race is on to confront the climate crisis and Constellation is ready to meet the challenge. Come join us as we lead energy, together.

TOTAL REWARDS

Constellation offers a wide range of benefits and rewards, designed to help our employees thrive professionally and personally. In addition to highly competitive salaries, we offer a bonus program, 401(k) with company match, employee stock purchase program comprehensive medical, dental and vision benefits, including a robust wellness program paid time off for vacation, holidays and sick days and much more.

Expected salary range of $115,200 to $128,000, varies based on experience, along with comprehensive benefits package that includes bonus and 401(k).

PRIMARY PURPOSE OF POSITION

The Senior Cyber Security Vulnerability Management Analyst will be expected to conduct formal tests on web-based applications, networks, and other types of computer systems on a regular basis and determines/documents deviations from approved configuration standards and/or policies. This role will also be expected to work on physical security assessments of servers, computer systems, and networks. Along with these tests and assessments, this role will conduct regular security vulnerability assessments, scans from both a logical/theoretical standpoint and a technical/hands-on standpoint and recommend appropriate mitigations and/or remediation efforts. This role will enhance security services provided by the Cyber Vulnerability Detection and Management team. This is a hands-on role requiring expert technical skills across a wide range of IT/OT systems, applications, and infrastructure.

PRIMARY DUTIES AND ACCOUNTABILITIES

  • Performing security architecture reviews of applications in design and production phases.
  • Identifying security recommendations, potential threats and attacks to applications systems through threat modeling and vulnerability assessment.
  • Consulting with developers on integrating security processes and tools into DevOps processes
  • Working with application development teams to develop solutions to remediate security vulnerabilities.
  • Improving secure coding practices, application security requirements, automation, training and metrics.
  • Maintaining an active understanding of industry practices for secure software development.
  • Play an active role in counseling and mentoring junior Cybersecurity team members.
  • Understanding of or experience in Agile Development Environment.
  • Problem solving and troubleshooting with eye for details.
  • Good communication and presentation skills.
  • Ability to work in both collaborative and independent work environments.
  • Proven ability to work as DevSecOps practioner.
  • Design automation workflows and capabilities in support of data collection, investigation and incident response.
  • Develop threat hunting and data analysis strategy and capabilities.
  • Identify and propose new technologies, methodologies and/or approaches to detecting malicious activity.
  • Utilize indicators to scope and respond proactively to emerging threats.
  • Design, build, configure, maintain and monitor cybersecurity threat defense capabilities and user access management.

MINIMUM QUALIFICATIONS

  • Bachelors degree in Information Technology, Cybersecurity, or Computer science plus 5-8 years of relevant experience or, in lieu of a degree a minimum of 9-12 years of relevant experience.
  • Experience in performing application security vulnerability assessment using either manual penetration testing and source code techniques or automated commercial SAST/DAST/IAST/SCA/OSA tools.
  • Experience in performing security architecture/threat modeling.
  • Experience in evaluating application security programs for clients and developing key elements of the program as part of the enhancement process and developing internal vulnerability assessment and management processes.
  • Ability to learn and adapt to integrate application security to different CI/CD systems and apply automation as needed.
  • Minimum 2 years of experience working in Agile development, application security, or DevOps role, with experience in the following technologies:
    • Containers (Docker, Kubernetes, etc.)
    • Infrastructure as code (Chef, Terraform, etc.)
    • Continuous integration (Jenkins, Github, TeamCity etc.)
    • Integration of Security testing tools like Fortify , ShiftLeft, Check Marx , Invicti, WhietSource into pipeline
    • Defect tracking (Jira, ServiceNow etc.)
    • Source code management (GitLab, GitHub, BitBucket, etc.)
    • Developing enterprise applications or scripts for security testing (security as code)
    • Cloud environment (AWS, Azure, GCP) and various Unix-like distributions
    • Knowledge of networking, infrastructure and applications from a DevOps perspective with a security focus
    • Experience in programming or scripting languages
    • Broad knowledge of security control techniques and how they can be applied in a traditional IT environment as well as cloud-based systems
    • Good technical knowledge of Microservice oriented solutions, APIs, Azure AD and common cloud authentication patterns
    • Security Cert ( Sec +, CEH, CCSP, GSEC)

PREFERRED QUALIFICATIONS

  • Cloud DevOps Certification (Azure, GCP, AWS).
  • Graduate degree in cyber security or related area of expertise.
  • Relevant security certifications (CISSP, CISM, OSCP, GIAC).
  • Demonstrated expert technical skills with various penetration testing technologies and tools.
  • Demonstrated experience and subject matter knowledge in cyber and information security for applications, web architectures, operating systems, databases, and networks.
  • Demonstrated experience and subject matter knowledge of SCADA, ICS, Distribution Automation, Smart Grid, DMS, and ECS systems architecture in relation to evaluating risk.
  • Demonstrated experience and proven capabilities in network vulnerability assessment, application vulnerability assessment, application security architecture development, web application security, and application security testing.
  • Demonstrated experience in addressing regulatory compliance for the security requirements in applicable laws and regulations, such as NERC CIP, SOX, PCI DSS, and HIPAA.
  • Solid understanding and experience with security development lifecycle (SDL) processes for internally developed applications, including the web-based and Internet facing components.
  • Demonstrated knowledge and experience in application security standards, methodologies, and technologies.
  • Solid understanding to assess application and web architectures and operating systems for vulnerabilities and develop appropriate security countermeasures.
  • Solid knowledge and experience with IT security aspects of operating systems, Active Directory, database (SQL) access, LDAP, Microsoft SharePoint, and web server configurations.
  • Demonstrated experience in assessing and testing security applications and systems, such as Cisco firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec, and web services security.
  • Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.