Cipher Tech Solutions
  • 11-Jul-2017 to 02-Nov-2017 (EST)
  • Cyber Intel
  • Linthicum, MD, USA
  • Hourly
  • Full Time

Location

Linthicum, MD

Description 

This Vulnerability Assessment Team (VAT) member position will support the DoD Information Assurance Vulnerability Management program. These activities directly support cyber-crime investigations and operations to identify and mitigate cyber threats. The VAT is responsible for executing FISMA compliance activities including annual assessments of security control status, vulnerability assessments, annual testing of contingency plans, and incident response plans, configuration management and conduct Privacy Impact Assessments (PIA).  The team provides audit and advisory services, helps clients understand the complexity of issues such as performance, privacy, risk, controls, and data analysis.

The Validator is responsible for continuous vulnerability scans across a multitude of networked or standalone systems. Serves at the central coordination point of all network system vulnerability assessments, audits, and related studies conducted in the agency environment. Individual participates in activities traditionally associated with Incident Response, and vulnerability scanning, and is primarily responsible for routine Nessus scanning, network monitoring and intrusion detection, as well as additional Cyber Security analysis. Individual will be responsible for providing associated monthly and ad-hoc scans using ACAS/Nessus as required on the Network Protection Suites (NPS) and owned and managed systems. The Validator is responsible for managing, disseminating, interpreting, and tracking compliance with IAVM associated messages, monitoring the system for Vulnerability Threats, looking at reports for advanced Cyber Security Analysis, and hunting for hidden threats.  In addition to assessing compliance based on requirements, and developing Plans of Action and Milestone (POA&M) documentation.   Individual will be responsible for vulnerability management related to web applications including periodic vulnerability scanning, web application scanning, and code scanning. In addition to, analyzing results, identifying false positives, identifying remediation plans, directing system developers on remediation plans, and managing remediation through closure.

Requirements

Must be a US Citizen with a TOP SECRET security clearance (no exceptions)

Must hold a BS degree in Information Security, Computer Science, Cyber Security,  Intelligence Studies, Applied Intelligence, Regional Studies, International Affairs, Political Science & Analysis or another related field of study.

Experienced in employing software engineering techniques in designing and developing software for vulnerability discovery and an understanding of the vulnerability management lifecycle.

Experienced in automation and scripting of applications and systems, i.e. Python, Perl, JavaScript, Splunk, and Archer.

Experienced with vulnerability scanning tools such as Retina and Nessus.

Experience working with web services technologies such as XML, JSON, SOA, REST, and AJAX.

Knowledge of Network Security Analysis using Intrusion Detection Systems.

Comprehensive understanding of Security Methodologies, firewalls, proxies, mail servers, and web servers. Advanced experience with vulnerability assessment.

Comprehensive knowledge of malicious code (worms, viruses, spy-ware, etc.)

Demonstrated strong interpersonal and organizational skills and ability to serve as central coordination point.

Highly exceptional verbal and written communication skills, including ability to produce as well as provide expert review of accurate and timely technical reports are required of material for release to a larger community.

Desired Skills 

Understanding DoD standards from a compliance perspective.

Demonstrated experience developing Plans of Action and Milestone (POA&M) documentation.

Demonstrated experience conducting Privacy Impact Assessments (PIA).

Demonstrated experienced using Assured Compliance Assessment Solution (ACAS).

Superior organizational skills to analyze, develop, and deliver detailed reports meeting tight suspense windows.

Strong attention to detail and ability to prepare documents for customer review with limited direction.

Ability to work multiple tasks and flexibility to adapt to dynamic work environment to meet organizational requirements.

Experience authoring and editing standard operating procedures (SOPs), policies, and organizational communications.

Experience with, or knowledge of: Certified Ethical Hacking or Penetration (Pen) Testing, Network Defense, Information Assurance, or Remediation Procedures.

 

About Us

At Cipher Tech Solutions, Inc. (Cipher Tech), we take great pride in supporting some of the most mission critical work in the Department of Defense and the Intelligence Community. The majority of our company is comprised of extremely talented software developers who write production tools which directly support one of two missions: digital forensics and malware reverse engineering. We have a host of other positions including Cyber Intel Analysts and Digital Forensic Examiners.

 

Cipher Tech Solutions
  • Apply Now

  • * Fields Are Required

    What is your full name?

    How can we contact you?

    By clicking the button above, I agree to ApplicantPro's Applicant Information Use Policy.

  • Sign Up For Job Alerts!

  • Share this Page
  • Facebook Twitter LinkedIn Email
.
Logo Home The Company Services&Solutions Careers Contact Us