Vulnerability Assessment Analyst

Location: Springfield, VA
Date Posted: 08-24-2018
Join ICES on a newly awarded contract impacting national security as a Vulnerability Assessment Analyst.  These positions are located in Springfield, VA. All positions require an active/current TS/SCI security clearance with Counterintelligence Polygraph and be willing and able to pass an additional polygraph as needed.
 
As a Vulnerability Assessment Analyst specific responsibilities include, but are not limited to:
  • Conduct vulnerability, intrusion, and incident response assessments/penetration tests of information systems in accordance with industry best practices
  • Identify system and agency risks by utilizing incident detection techniques, tools and methods, and exploitation activities
  • Research, detect, analyze, and exploit vulnerabilities of information systems
  • Apply principles, methods, and knowledge to identifying and remediating vulnerabilities
  • Provide technical knowledge and analysis of highly complex vulnerabilities
  • Provide technical assistance in test plan development and security control testing based on security assessments
  • Provide guidance and recommendations concerning the impact to client risk management processes of new or revised IC and DoD policies, directives, and guidance
  • Promote an understanding and use of Enterprise Security Services (ESS) to enable consistent, efficient, and effective security control implementation throughout the System Development Lifecycle (SDLC)
Required Qualifications:
  • Hold a current, active and maintain a TS/SCI U.S. Government security clearance
  • Bachelor’s Degree in Information Technology, Information Systems Security, Cybersecurity, or related field
  • 5+ years of relevant consulting or industry experience
  • Proven experience effectively prioritizing workload to meet deadlines and work objectives
  • Demonstrated ability to write clearly, succinctly, and in a manner that appeals to a wide audience
  • Proficiency in word processing, spreadsheet, and presentation creation tools, as well as Internet research tools
  • Hold or earn an IAT/IAM Level III security certification within 6 months of hire.  Certifications include: CISSP, CISM, CISA, CASP, CCNP Security, GCED, GCIH, or GSLC.
Desirable Qualifications:
  • Experience with web assessment software, vulnerability scanning tools, or penetration test tools
  • Experience developing custom scripts and batch files using python, powershell, and bash
  • A&A (RMF) SME with experience testing and assessing cyber security solutions
  • Understanding of cyber defensive architecture and technologies required to protect, detect, and respond to cyber threats and attacks
  • Understanding of fundamental cloud computing concepts
  • Knowledge of and experience with Federal security policies, regulations, standards, and processes including FISMA, FIPS, ICD, NIST, CNSSI.
or
this job portal is powered by CATS