Responsibilities:
• Utilize creativity and divergent thinking to assess and explain the impact of cybersecurity vulnerabilities on FCEB and CIKR security postures
• Conduct prevalence and sector analysis of vulnerabilities with Attack Surface Management tools
• Review vulnerability reporting to identify potential risks and impacts CIKR and FCEB entities
• Maintain awareness of technical capabilities of Vulnerability Management (VM) Subdivision operational components
• Evaluate technical requirements of VM operational components and recommend paths forward
• Understand and articulate the impact of vulnerabilities to organizations
• Coordinate with VM analysts and leadership to synchronize VM operational activities
• Coordinate with broader Cybersecurity Division (CSD) analysts and leadership to understand CSD operational priorities and activities
• Willingness, ability, and flexibility to assist the government to standup this new mission operations area within VM
• Demonstrated ability to contribute to developing Standard Operating Procedures and Work Instructions as required
• Demonstrated ability to contribute to weekly operation summaries, intelligence analysis summaries, and other cyber intelligence reports Required Skills:
• U.S. Citizenship
• Must have an active TS/SCI clearance
• Must be able to obtain DHS Suitability
• 5 years of directly relevant experience
• Experience as a hands-on cybersecurity analyst (i.e. SOC Analyst or Penetration Tester) is required
• Experience with the analysis and characterization of cyber attacks
• Skilled in identifying different classes of attacks and attack stages
• Knowledge of system and application security threats and vulnerabilities
• Knowledge of basic networking protocols, including TCP/IP, UDP, HTTP/HTTPS, SSH, and DNS, and open security standards and projects, including OWASP
• Knowledge of CVSS and KEV scoring methodology
• Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
• Knowledge of VM scanning, Web Application scanning, and red team processes
• Experience recognizing and categorizing types of vulnerabilities and associated attacks
• Knowledge of Computer Network Defense policies, procedures, and regulations
• Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
• Experience in developing and delivering technical briefings
• Must be able to work collaboratively across physical and virtual locations Desired Skills:
• Understanding of OT/ICS/SCADA technologies and associated vulnerabilities
• Experience with conducting all-source research
• Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
• Experience with:
• SharePoint
• ServiceNow
• Palo Alto Networks Cortex Xpanse Required Experience Education:
BS Computer Science, Computer Engineering, Computer Information Systems, Cybersecurity, or related degree, or 7 years experience in cyber incident management experience or cybersecurity experience with a High school diploma. Desired Certifications:
o CompTIA Security , CEH, CISSP, CISM, CISA, CCSP, CIPP, CPT, CCSS