System Vulnerability Analyst

Are you an emerging professional who wants to work our nation's tough cybersecurity problems? Do you enjoy deeply technical, hands-on work? Do you want to identify vulnerabilities in software and infrastructure devices, and then figure out how to deal with them? Are you looking to make an impact in cybersecurity and advance your career while enjoying the outstanding benefits of federal service?
System Vulnerability Analysts (SVA) at NSA have the opportunity to work in the following areas:
- Vulnerability discovery and analysis
- Tailored security solutions
- Reverse engineering
- Malware analysis
- Scalable mitigation development
- Perimeter/boundary defense
- Network security
- Researching emerging industry technologies and solutions
- Ensuring adequacy of cybersecurity standards and configurations
- Fusing vulnerability assessments from all sources into a unified picture for risk analysis

Job Summary

System Vulnerability Analysts analyze vulnerabilities and develop mitigations to strengthen defenses. They produce formal and informal reports, briefings, and guidance to defend against attacks against network infrastructure devices or systems. NSA analysts' competencies run the gamut of data transport possibilities. They work with traditional wired networks, wireless transport, including Wi-Fi and cellular, collaborative platforms such as video teleconferencing, and the hardware and software that support it all.
Start your career as a System Vulnerability Analyst at NSA, where you can become an expert in networking protocols and architectures, cloud security, and Internet of Things protocols, to impact and advance traditional network security.

Qualifications

The qualifications listed are the minimum acceptable to be considered for the position.
Degree must be in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cybersecurity, Information Technology, Information Assurance, and Information Security).
Relevant experience must be in one or more of the following areas: computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, or information assurance. Network and/or system administration may account for some, but not all, of the required experience. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience requirement (i.e., 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months of experience).
FULL PERFORMANCE
Entry is with a Bachelor's degree plus 3 years of relevant experience, or a Master's degree plus 1 year of relevant experience, or a Doctoral degree and no experience. An Associate's degree plus 5 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.

Competencies

We're looking for mid-level professionals who possess strong problem solving, analytical, communication and interpersonal skills; and have knowledge or experience in the following areas:
- Defending against and/or mitigating system vulnerabilities
- Solid grasp of architecture, operating systems, functionality and configuration
- Vulnerability detection, analysis and mitigation development
- Reverse engineering
- Fuzzing and penetration testing
- Proficiency in languages like C/C++, Python, and Java
- Strong background in advanced mathematics (i.e. number theory, abstract algebra, linear algebra, probability theory, and discrete mathematics)
- Knowledge of cryptography, encryption, and algorithms
- Familiarity with Security Information and Event Management (SIEM), intrusion detection systems (IDS), and vulnerability assessment tools
- Understanding of network security principles, segmentation, and traffic analysis

Pay, Benefits, & Work Schedule

Pay: Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position.
Salary Range: $104,219 - $151,570 (Full Performance)
Salary range varies by location, work level, and relevant experience to the position.
Training will be provided based on the selectee's needs and experience.
Benefits: NSA offers a comprehensive benefits package.
Work Schedule: This is a full-time position, Monday - Friday, with basic 8hr/day work requirement between 6:00 a.m. and 6:00 p.m. (flexible).
DCIPS Trial Period:
If selected for this position, you will be required to serve a two-year DCIPS trial period, unless you are a veterans' preference-eligible employee, in which case you are required to serve a one-year trial period. This trial period runs concurrently with your commitment to the position, if applicable. Before finalizing your appointment at the conclusion of your trial period, NSA will determine whether your continued employment advances the public interest. This decision will be based on factors such as your performance and conduct; the Agency's needs and interests; whether your continued employment would advance the Agency's organizational goals; and whether your continued employment would advance the efficiency of the Federal service.
Upon completion of your trial period, your employment will be terminated unless you receive certification, in writing, that your continued employment advances the public interest.
If you do not receive certification for continued employment, you should receive written notice prior to the end of your trial period that your employment will be terminated and the effective date of such termination.

How to apply

The following four narrative questions provide an opportunity for you to highlight your dedication to public service for the hiring manager and agency leadership (or designee(s)). While your responses are not required and will not be scored, we encourage you to thoughtfully address each question. Please provide a response of 200 words or less to each question. You will be asked to certify that you are using your own words and did not use a consultant or artificial intelligence (AI) such as a large language model (LLM) like ChatGPT or Copilot. (Please attach in application)
1. How has your commitment to the Constitution and the founding principles of the United States inspired you to pursue this role within the Federal government? Provide a concrete example from professional, academic, or personal experience.
2. In this role, how would you use your skills and experience to improve government efficiency and effectiveness? Provide specific examples where you improved processes, reduced costs, or improved outcomes.
3. How would you help advance the President's Executive Orders and policy priorities in this role? Identify one or two relevant Executive Orders or policy initiatives that are significant to you, and explain how you would help implement them if hired.
4. How has a strong work ethic contributed to your professional, academic or personal achievements? Provide one or two specific examples, and explain how those qualities would enable you to serve effectively in this position.

Apply soonest, as job postings can close earlier than stated end dates due to changes in requirements. It is important to review and note the minimum qualifications, as only those applicants who meet the required qualifications will be contacted to continue the employment process. Please populate the resume tool to showcase any relevant work experience and education related to the position and answer any applicable screening questions. Information collected will be used to determine eligibility, and failure to provide accurate information may result in disqualification for this position.
A confirmation email will be sent after submission of the first application and also after any future updates to submitted applications. **Due to time sensitive communications regarding applications, please ensure your spam filters are configured to accept email from For job vacancies that include stated testing requirements, also include the following: , , and **
U.S. Citizenship is required for all applicants. NSA is an equal opportunity employer and abides by applicable employment laws and regulations. All applicants and employees are subject to random drug testing in accordance with Executive Order Employment is contingent upon successful completion of a security background investigation and polygraph. Reasonable accommodations may be provided to applicants with disabilities during the application and hiring process where appropriate.

DCIPS Disclaimer

**VETERANS AND TRANSITIONING SERVICE MEMBERS**
Thank you for your service The National Security Agency (NSA) is part of the Defense Civilian Intelligence Personnel System (DCIPS). All positions at NSA are in the Excepted Service under Title 10, United States Codes (U.S.C.), Section 1601 appointment authority.
Veterans' Preference
In accordance with the procedures provided in DoD Instruction , Volume 2005, "DoD Civilian Personnel Management System: Defense Civilian Intelligence Personnel System Employment and Placement," NSA applies veterans' preference, as defined by Section 2108 of Title 5, U.S.C., to eligible candidates. If you are claiming veterans' preference, you are required to provide acceptable documentation of your preference eligibility upon application.
Acceptable documentation includes:
- DD-214: "Certificate of Release or Discharge from Active Duty," which shows dates of service and discharge under honorable conditions (Copy 4); OR
- Certification of Service:
A written document on letterhead from the appropriate branch of the armed forces that certifies the service member is expected to be discharged or released from active duty service in the armed forces under honorable conditions not later than 120 days after the date the certification is signed. The certification should include the military service dates, including the expected discharge or release date; AND
- Standard Form 15 (SF-15)
Application for 10-point Veteran Preference ).
If you are claiming a service-connected disability of 30 percent or more, the documentation you provide must specifically demonstrate this level of disability; AND
- VA Letter of Disability (for 10pt and Sole Survivorship rating)
You may obtain a letter from the Department of Veterans Affairs reflecting your level of disability for preference eligibility by visiting a VA Regional Office, contacting a VA call center, or online ).
**Failure to provide sufficient documentation of veterans' preference eligibility may preclude NSA from identifying you as a preference eligible candidate during the hiring selection process.