Job Requirements
Linthicum Heights, MD
Secret Polygraph Unspecified
Career Level not specified
$165,000 - $180,000
Job Description
Cybersecurity Vulnerability Analyst
Linthicum Heights, MD
Support mission-critical vulnerability analysis operations for the United States Space Force by reviewing and vetting vulnerability reports submitted to the DoD VDP from outside hackers.
Before You Apply
This is a full-time W-2 position with Allyon.
• Must hold an active Secret security clearance
• Must have a Bachelor's degree and 8+ years of experience
• Must have an active CompTIA Security+ Certification
Candidates cannot proceed in the application process without meeting the required qualifications listed above.
Allyon does not sponsor security clearance s and does not offer C2C opportunities for this role.
Why this Role Matters
This Cybersecurity Vulnerability Analyst role is vital because it helps protect critical U.S. Space Force systems by validating and assessing real‑world vulnerabilities reported by external researchers. By verifying findings, determining severity, and ensuring accurate, actionable reporting, the role strengthens the DoD's ability to identify and remediate weaknesses before adversaries can exploit them. This work directly enhances national security, supports secure space operations, and builds trusted communication between the DoD and the global security research community.
What You Will Do
• Responsible for reviewing and vetting security vulnerability reports submitted to the DoD VDP from outside hackers.
• The Analyst will evaluate the reports to ensure the vulnerability is reproducible and therefore valuable to the customer.
• They will assess each vulnerability for severity and assign an associated risk statement.
• The HackerOne Triage console tool will be utilized to assist in assigning and prioritizing reports.
• It will also assist the Analyst in helping identify duplicate submissions.
• Valid reports will be written in a DoD approved format and sent to the Vulnerability Management Analyst team for system owner coordination and mitigation.
• The Vulnerability Analyst will be a VDP liaison with the hacker community.
• Utilize offensive toolsets such as Kali Linux to safely analyze production networks and systems, documenting steps and procedures to produce usable vulnerability assessments for the customer.
• Identify and investigate vulnerabilities, assess exploit potential, and document findings and remedies for presentation to facilitate mitigations on customer systems.
• Conduct web application vulnerability assessment testing using both automated tools and manual web exploitation techniques, using tools such as Burp Suite and open-source toolsets.
• Utilize a variety of industry standard security tools to conduct automated scans against systems and applications.
• Develop and execute proof-of-concept exploits to demonstrate the real-world impact of identified vulnerabilities, utilizing various web exploitation methods.
Required Qualifications
• Utilize MITRE ATT&CK, CVSS, and NIST frameworks to assess vulnerability severity and risk impact.
• In-depth understanding of web exploitation concepts and techniques.
• Knowledge and understanding of the Open Web Application Security Project (OWASP) top 10.
• Experience operating in a professional IT or cybersecurity environment.
• Experience investigating security events, threats and/or vulnerabilities.
• Understand information security principles, technologies and practices.
• Excellent customer service skills.
Preferred Skills
• CEH, CCNA-Security, CySA+, OSCP (or equivalent), PenTest+ or similar certification a plus.
• Possess DoD 8570.01-M Information Assurance Technician (IAT) Level II Baseline Certification.
• Completed multiple Hack-The-Box penetration testing labs and challenges, developing hands‑on expertise in vulnerability enumeration, exploitation, privilege escalation, and post‑exploitation techniques within realistic, adversarial environments.
• Must possess an in-depth understanding of penetration testing methodology, including recon, exploit, persistence, etc.
• Must have a solid understanding of networking protocols, their uses, and their potential misuses.
• Programming experience in one or more languages, experience in HTLM/CSS or SQL.
• Experience with one or more scripting languages such as PowerShell, Bash, Python or Perl.
What's In It for You
At Allyon, your compensation goes beyond salary. Our Total Rewards program is designed to lower your costs, support your wellbeing, and give you confidence in your future.
Four flexible medical plan options with premiums averaging 15% below industry benchmarks
Up to $1,800 in annual wellness incentives plus monthly rewards that put money back in your pocket
$0 telemedicine visits and open access provider networks with transparent pricing
401(k) with modern planning tools plus HSA and FSA options for tax advantaged savings
Dental, vision, life, disability, and supplemental coverage including accident and critical illness
Paid time off starting on day one plus flexibility to support balance
Your compensation is designed to make a real difference day to day, giving you the support and confidence to do your best work and live well outside of it.
The expected salary range for this position is $165,000 to $180,000. Compensation is determined based on experience, technical expertise, certifications, clearance level, and alignment to mission requirements and work location. Allyon offers a comprehensive total rewards package including benefits and retirement contributions.
About Allyon
Allyon is a Federal solutions partner supporting Department of War, Intelligence, and Civilian agencies through expertise in Cybersecurity, Cloud Infrastructure & Engineering, Enterprise IT, and Program Management
For more than 15 years, we have helped government teams operate securely, efficiently, and confidently by delivering solutions that keep critical missions moving.
Our belief is simple. Mission success is built by people. We invest in our teams, our systems, and our culture with intention so our people can perform at their best and deliver when it matters most.
The Bottom Line
Ready to do meaningful work that supports real-world mission impact?
At Allyon, culture drives performance. We combine mission-critical work with a Total Rewards approach that invests in your health, financial security, and long-term growth.
If you want your skills to matter, your contributions to be recognized, and your compensation to reflect your value, this is your opportunity.
Apply today and join a people-powered team focused on mission success.
Linthicum Heights, MD
Support mission-critical vulnerability analysis operations for the United States Space Force by reviewing and vetting vulnerability reports submitted to the DoD VDP from outside hackers.
Before You Apply
This is a full-time W-2 position with Allyon.
• Must hold an active Secret security clearance
• Must have a Bachelor's degree and 8+ years of experience
• Must have an active CompTIA Security+ Certification
Candidates cannot proceed in the application process without meeting the required qualifications listed above.
Allyon does not sponsor security clearance s and does not offer C2C opportunities for this role.
Why this Role Matters
This Cybersecurity Vulnerability Analyst role is vital because it helps protect critical U.S. Space Force systems by validating and assessing real‑world vulnerabilities reported by external researchers. By verifying findings, determining severity, and ensuring accurate, actionable reporting, the role strengthens the DoD's ability to identify and remediate weaknesses before adversaries can exploit them. This work directly enhances national security, supports secure space operations, and builds trusted communication between the DoD and the global security research community.
What You Will Do
• Responsible for reviewing and vetting security vulnerability reports submitted to the DoD VDP from outside hackers.
• The Analyst will evaluate the reports to ensure the vulnerability is reproducible and therefore valuable to the customer.
• They will assess each vulnerability for severity and assign an associated risk statement.
• The HackerOne Triage console tool will be utilized to assist in assigning and prioritizing reports.
• It will also assist the Analyst in helping identify duplicate submissions.
• Valid reports will be written in a DoD approved format and sent to the Vulnerability Management Analyst team for system owner coordination and mitigation.
• The Vulnerability Analyst will be a VDP liaison with the hacker community.
• Utilize offensive toolsets such as Kali Linux to safely analyze production networks and systems, documenting steps and procedures to produce usable vulnerability assessments for the customer.
• Identify and investigate vulnerabilities, assess exploit potential, and document findings and remedies for presentation to facilitate mitigations on customer systems.
• Conduct web application vulnerability assessment testing using both automated tools and manual web exploitation techniques, using tools such as Burp Suite and open-source toolsets.
• Utilize a variety of industry standard security tools to conduct automated scans against systems and applications.
• Develop and execute proof-of-concept exploits to demonstrate the real-world impact of identified vulnerabilities, utilizing various web exploitation methods.
Required Qualifications
- Bachelor's degree and 8+ years of experience; OR Master's Degree and 6+ years of experience; OR 3 years with PhD. Bachelor's or Master's degree must be one of the following fields: Information Technology, Cybersecurity, Computer Science, Information Systems, Data Science, or Software Engineering. In lieu of a degree in one of these fields, an additional 4 years of relevant experience or specialized training may be considered.
- Active Secret security clearance
- Active CompTIA Security+
- In-depth understanding of information security principles and practices.
• Utilize MITRE ATT&CK, CVSS, and NIST frameworks to assess vulnerability severity and risk impact.
• In-depth understanding of web exploitation concepts and techniques.
• Knowledge and understanding of the Open Web Application Security Project (OWASP) top 10.
• Experience operating in a professional IT or cybersecurity environment.
• Experience investigating security events, threats and/or vulnerabilities.
• Understand information security principles, technologies and practices.
• Excellent customer service skills.
Preferred Skills
• CEH, CCNA-Security, CySA+, OSCP (or equivalent), PenTest+ or similar certification a plus.
• Possess DoD 8570.01-M Information Assurance Technician (IAT) Level II Baseline Certification.
• Completed multiple Hack-The-Box penetration testing labs and challenges, developing hands‑on expertise in vulnerability enumeration, exploitation, privilege escalation, and post‑exploitation techniques within realistic, adversarial environments.
• Must possess an in-depth understanding of penetration testing methodology, including recon, exploit, persistence, etc.
• Must have a solid understanding of networking protocols, their uses, and their potential misuses.
• Programming experience in one or more languages, experience in HTLM/CSS or SQL.
• Experience with one or more scripting languages such as PowerShell, Bash, Python or Perl.
What's In It for You
At Allyon, your compensation goes beyond salary. Our Total Rewards program is designed to lower your costs, support your wellbeing, and give you confidence in your future.
Four flexible medical plan options with premiums averaging 15% below industry benchmarks
Up to $1,800 in annual wellness incentives plus monthly rewards that put money back in your pocket
$0 telemedicine visits and open access provider networks with transparent pricing
401(k) with modern planning tools plus HSA and FSA options for tax advantaged savings
Dental, vision, life, disability, and supplemental coverage including accident and critical illness
Paid time off starting on day one plus flexibility to support balance
Your compensation is designed to make a real difference day to day, giving you the support and confidence to do your best work and live well outside of it.
The expected salary range for this position is $165,000 to $180,000. Compensation is determined based on experience, technical expertise, certifications, clearance level, and alignment to mission requirements and work location. Allyon offers a comprehensive total rewards package including benefits and retirement contributions.
About Allyon
Allyon is a Federal solutions partner supporting Department of War, Intelligence, and Civilian agencies through expertise in Cybersecurity, Cloud Infrastructure & Engineering, Enterprise IT, and Program Management
For more than 15 years, we have helped government teams operate securely, efficiently, and confidently by delivering solutions that keep critical missions moving.
Our belief is simple. Mission success is built by people. We invest in our teams, our systems, and our culture with intention so our people can perform at their best and deliver when it matters most.
The Bottom Line
Ready to do meaningful work that supports real-world mission impact?
At Allyon, culture drives performance. We combine mission-critical work with a Total Rewards approach that invests in your health, financial security, and long-term growth.
If you want your skills to matter, your contributions to be recognized, and your compensation to reflect your value, this is your opportunity.
Apply today and join a people-powered team focused on mission success.
group id: 10172204