Employee Type: Full-Time
Location: Offutt AFB, NE
Job Type: Cyber Security
Experience: 5 Years
Clearance Type: TS/SCI
Start Date: May 2024 AERMOR LLC is hiring a Cyber Test Analyst to support in analyzing and testing Intercontinental Ballistic Missile (ICBM) weapon systems and related systems/sub systems using qualified personnel with requisite engineering and analytical backgrounds. Responsibilities Include: * Perform analysis of current and future test/assessment capabilities. Activities include: identifying test/assessment capability requirements, documenting existing test/assessment capabilities, identifying shortfalls, performing trade-off analyses, and recommending approaches to solve issues.
* Prepare, submit and/or revise AFOTEC portions of program test documentation, such as test team charters, test and evaluation master plans, integrated test plans, and schedules.
* Analyze and submit test/assessment methodologies;
* Test/assessment scenario descriptions; test/assessment demonstrations; test/assessment risk, limitation and mitigation strategies; and test/assessment readiness and support requirements needed to complete the test plan.
* Assist with cybersecurity test planning, execution, analysis, and reporting examples include the following:
* Consult on integrated, dynamic Cyber defense and leverage Cybersecurity solutions, and identify intrusion/attack paths and recommend detection and prevention, situational awareness if intrusions, and incident response actions.
* Support, coordinate, and continuously monitor system security posture and ensure adverse events are formally handled and reported.
* Participate in various working groups and customer meetings; ensure communication of risk environment with stakeholders.
* Assist with test planning, execution, analysis, and reporting on various cyber tests such as: Mission-Based Cybersecurity Risk Assessment (MBCRA, Cyber Vulnerability Identification (CVI), Cooperative Vulnerability and Penetration Assessment (CVPA), Adversarial Assessment (AA).
Required Skills and Experience: * DoD IAM Level 1 Certification. * Ability to articulate open issues and risks in a timely manner to management and make recommendations.
* Familiar with the Risk Management Framework.
* Knowledge of current security tools and industry best practices: tools, techniques, procedures, tactics, attacks and forensics.
* Knowledge of network defense systems including but not limited to network and host-based IDS, IPS, firewall, web application firewall, proxy and SIEM systems.
* Experience with system administration, networking, Computer Network Attack (CNA), Computer Network Exploitation (CNE), Computer Network Defense (CND), and/or penetration testing.
* Experience decomposing system diagrams, cybersecurity architecture, and other documentation to determine the potential attack surface and attack vectors.
* Knowledge of Cyber test tools (e.g. Retina, SCAP, ACAS, Nessus, Metasploit, Burp, Nessus, Kali Linux Tool Suite, Core Impact, Burp Suite, IDA Pro, OllyDbg/WinDbg, Nmap, John the Ripper, Cain, Nikto, and packet analysis tools (Wireshark/TCPDump).
* Understand fundamentals of how to exploit vulnerabilities in tested systems including (but not limited to): system misconfigurations, zero-day vulnerabilities, Denial of Service (DoS) or Distributed Denial of Service (DDoS) vulnerabilities, privilege escalation, unsupported or unpatched software, and phishing attacks.
Educational Requirements: * Bachelor's degree in Cybersecurity or a related field. * 6 years' work experience may be substituted for a bachelor's degree.
* Associate degree plus 4 years' work experience may be substituted for a bachelor's degree.