Information Assurance – Cybersecurity

Responsibilities:

Noblis is seeking an experienced cybersecurity professional to work in dynamic mission-oriented environment within Bethesda, Maryland. A successful candidate will be at the forefront of cutting-edge security operations to tackle offensive and defensive cyber challenges. They'll dive deep into vulnerability research, reverse engineering threats, and craft advanced tools and malicious payloads to stay ahead of evolving cyber risks. In this dynamic role, they'll lead the charge in detecting and neutralizing cyberattacks, creating robust defenses, and exploring the latest trends and vulnerabilities across diverse technologies. Additionally, they'll safeguard development environments, perform high-impact penetration testing, and conduct in-depth malware research to keep systems one step ahead of potential threats.

Job Responsibilities:

• Develop or implement a variety of software and hardware solutions in support of work in areas of offensive and defensive security.
• Apply a coding foundation in various languages to create tools and techniques, perform code analysis, conduct code manipulation and develop any solution tailored to the area of need.
• Conduct vulnerability research and analysis of identified platforms, reversing engineering threats to determine methods of exploitation.
• Conduct malware research and research on innovating offensive tools and techniques, developing malicious payloads, and manipulating code execution.
• Accomplish actions to protect data, networks, net-centric capabilities, and other systems by detecting, identifying, and responding to attacks, or by creating defensive toolsets to identify, monitor, and halt an attack.
• Deliver tailored research of various domains of cyber to include various trends, vulnerabilities, or current flaws in software, hardware, IOT, or other technology related areas.
• Secure development environments and software to enable architecting application security.
• Conduct software evaluations for known risks and/or static and dynamic code analysis, assess web application vulnerabilities, track code releases, accomplish automated penetration testing and fuzzing, malware research and reverse engineering, and deliver recommended mitigations for or patching of known vulnerabilities.

Required Qualifications:

Bachelors of Science degree and 8+ years of prior relevant experience or Masters with 6+ years of prior relevant experience.

• U.S. citizen and have an active Top Secret Clearance with SCI and CI Polygraph.
• Knowledge of offensive and defensive security tactics in various environments (e.g., cloud, IoT, mobile).
• Experience with penetration testing automation and continuous security monitoring.
• Familiarity with network traffic analysis.
• Ability to perform red teaming exercises to simulate real-world adversarial tactics and techniques.
• Ability to write detailed technical reports and deliver findings to both technical and non-technical stakeholders.
• Knowledge / use of malware analysis and reverse engineering techniques.
• Knowledge / use of vulnerability research and fuzzing tools for testing code and discovering security flaws.

Desired Qualifications:

• Experience with Cloud Security (e.g., AWS, Azure, Google Cloud) and securing cloud-based applications and infrastructure.
• Knowledge of cryptography and its application in securing communications and data storage (e.g., AES, RSA, hashing algorithms).
• Familiarity with Zero Trust architecture and identity and access management (IAM) principles.
• Foundation in programming languages such as Python, C/C++, Java, or Assembly for vulnerability research, code analysis, and tool development.
• Experience with offensive security tools like Metasploit, Burp Suite, or Kali Linux for penetration testing and exploit development.
• Understanding of network security protocols, web application security, and techniques like SQL injection, Cross-Site Scripting (XSS), and Buffer Overflow.
• Proficiency in static and dynamic code analysis to identify vulnerabilities and exploit methods.
• Experience with incident response and the ability to quickly identify, analyze, and mitigate security breaches.
• Knowledge of security frameworks and standards such as NIST, OWASP, CIS Controls, and ISO 27001.
• Familiarity with secure development practices (e.g., secure coding, threat modeling, application security).

Overview:

Noblis and our wholly owned subsidiaries, Noblis ESI, and Noblis MSD tackle the nation's toughest problems and apply advanced solutions to our clients' most critical missions. We bring the best of scientific thought, management, and engineering expertise together in an environment of independence and objectivity to deliver enduring impact on federal missions. Noblis works with a wide range of government clients in the defense, intelligence and federal civil sectors. Learn more at Noblis -About Us

Why work at a Noblis company?

Our employees find greater meaning in their work and balance the other things in life that matter to them. Our people are our greatest asset. They are exceptionally skilled, knowledgeable, team-oriented, and mission-driven individuals who want to do work that matters and benefits the public. Noblis has won numerous workplace awards. Noblis maintains a drug-free workplace.

• Remote/hybrid status is subject to change based on Noblis and/or government requirements

Commitment to Non-Discrimination:

All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, sex, age, national origin, religion, physical or mental disability, pregnancy/childbirth and related medical conditions, veteran or military status, or any other characteristics protected by applicable federal, state, or local law.

If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us.

EEO is the Law | E-Verify | Right to Work

Total Rewards:

At Noblis we recognize and reward your contributions, provide you with growth opportunities, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, and work-life programs. Our award programs acknowledge employees for exceptional performance and superior demonstration of our service standards. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in our benefit programs. Other offerings may be provided for employees not within this category. We encourage you to learn more about our total benefits by visiting the Benefits page on our Careers site.

Compensation at Noblis is determined by various factors, including but not limited to, the combination of education, certifications, knowledge, skills, competencies, and experience, internal and external equity, location, clearance level, as well as contract-specific affordability, organizational requirements and applicable employment laws. The projected compensation range for this position is based on full time status. For part time or on-call staff, compensation is proportionately adjusted based on hours worked. While monetary compensation is important, it's just one component of Noblis' total compensation package.

Posted Salary Range: USD $146, USD $228,400.00 /Yr.