TS/SCI Cleared w/ CI Poly Vulnerability Assessment Analyst

Our Client, a federal managed service provider located in Springfield, VA, is in need of a Top Secret SCI cleared with CI Poly Vulnerability Assessment Analyst for a full time position. The VAA will work onsite daily and be responsible for evaluating cyber defense policies, compliance, and configurations; support penetration testing; maintain audit toolkits; and conduct specialized reviews (e.g., TSCM, TEMPEST). Perform risk assessments across technology areas, prepare audit reports with findings and solutions, and recommend cost-effective security controls to mitigate risks and protect systems.

Required Skills:

• Ability to work 100% onsite
• Ability to conduct vulnerability scans and recognizing vulnerabilities in security systems
• Experience with penetration testing tools and techniques
• Skill to apply cyber and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, nonrepudiation.)
• Certifications:
  • IAT Level 2
  • 2 penetration testing certifications with at least one being an advanced certification (examples below)
    • OSCP, OSCE, OSEE, GSE, GXPN, CPT
• Bachelor’s Degree in cybersecurity or IT related field
• Active TS/SCI with a CI Poly clearance

Preferred Skills

• Assess the robustness of security systems and designs.
• Detect host and network-based intrusions via intrusion detection technologies (e.g., Snort).
• Use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
• Use network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
• Mimicking threat behaviors
• Review logs to identify evidence of past intrusions
• Conduct application vulnerability assessments
• Performing impact/risk assessments