System Vulnerability Analyst 4

We are looking for a System Vulnerability Analyst to identify vulnerabilities of and attacks to the design and operation of a system (H/W, S/W, personnel, procedures, logistics, and physical security) by relating vulnerabilities and attacks to effects on operations and missions supported by those systems. You will compare and contrast various system attack techniques and develop operationally effective countermeasures. You will also produce formal and informal reports, briefings, and perspectives of actual and potential attacks against the systems or missions being studied.


The Level 4 System Vulnerability Analyst shall possess the following capabilities:

• The ability to exploit captured media and/or investigate computer security incidents in order to derive useful intelligence and/or enable mitigation of network vulnerabilities.


• Relevant experience must be in the design/development of computer or information systems, programming, computer/network security, vulnerability analysis, penetration testing, computer forensics, and/or systems engineering.


• Red team experience required.


• Blue and purple team experience is required.


• OCONUS Travel is required.


• Zero Trust Experience rel to CNE, CNO, network infrastructure, architecture and hardening is a plus.


• Analyst should be comfortable with network analysis, network anomaly detection, IOC's MITRE ATT&CK framework, NIST/ISO 27001 and able to analyze data to discover malicious or unauthorized activity collected from various sources.


• Minimal python is a plus.


• Having a pen testing experience is a plus.

Qualifications:

• Doctoral degree with 7 years of relevant experience.


• Master's degree with 9 years of relevant experience.


• Bachelor's Degree with 11 years of relevant experience.


• Associates degree with 13 years of relevant experience.


• Degree must be in Computer Science or a related field (e.g. General Engineering, Computer Engineering, System Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, and Information Security.


• Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis Course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience required (i.e. 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months or experience).

Certifications Required:

• Information Assurance Certification may be required.

TS/SCI with polygraph is required.