Cyber Threat and Exploit Analyst

Location: San Diego, California
Date Posted: 08-29-2018
Cyber Threat and Exploit Analyst
  • Provide the capabilities necessary to review exploit code and its associated vulnerabilities, discover enterprise security discrepancies, assess associated risks, and assist with the development of remedial action in coordination with a mitigation team.
  • Coordinate and execute external security assessments to discover vulnerabilities in a production environment.
  • Prioritize mitigation actions based on assessed risk upon discovery of critical exploits and vulnerabilities within the lab and production environments.
  • Conduct, analyze, and review penetration tests an assessment results to develop Cyber defense recommendations.
  • Maintain a lab environment to test adversary tactics, techniques, and procedures.
  • Analyze the creation of repeatable data analysis processes that identify the attributes and indications of targeted activity for profile development.
Basic Qualifications:
-5+ years of experience with assessments, including penetration tests of systems and networks in a DoD network environment
-5+ years of experience with developing exploit code for network and system penetration testing
-5+ years of experience with penetration testing of Web applications
-5+ years of experience with developing specialized applications for the assessment and security testing of Web applications
-5+ years of experience with developing and maintaining custom applications that exploit known system vulnerabilities or system mis-configurations to gain system command
-Top Secret clearance preferred; Minimum SECRET
-HS diploma or GED
-DoD 8570 IAT Level III Certification, including CISA,CASP, CISSP, or GCED
-DoD 8757 CSSP Auditor Certification, including CISA, CEH, or GSNA

Additional Qualifications:
-Experience in implementing or assessing compliance with a DoD, Department of Navy (DON), or US Marine Corps (USMC) CND policies, regulations, and compliance documents
-Experience in assessing compliance with security controls and DoD Secure Technical Implementation Guidelines (STIGs) supporting the DoD IA Certification and Accreditation Process (DIACAP) and Risk Management Framework (RMF)
-Experience with providing the support required to maintain the Government’s CSSP accreditation per the standards set forth in the CSSP program manual, DOD -8530.1-M
-BA or BS degree in IT or CS
-Completion of Red Team Operations Course
-Professional level certification in one or more technical fields, including a computing environment (CE), such as Windows, UNIX, or Red Hat Linux
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is preferred.
this job portal is powered by CATS