logo

View all jobs

Vulnerability Assessment & Analysis Specialist (Level 2)

Fort George G Meade, MD · Information Technology
The Level 2 Vulnerability Assessment & Analysis Specialist shall possess the following capabilities: 
  • Knowledge of Common Vulnerabilities and Exposures (CVEs), cyber threats, and vulnerability mitigation strategies.
  • Conduct research and analysis to stay up to date with current vulnerabilities, provide detailed risk analysis and potential impact.
  • Utilize multiple data sources to determine a vulnerability’s security impact on the enterprise.
  • Analyze, assess, compile, and prioritize vulnerabilities to document and communicate mitigation recommendations.
  • Communicate written and verbal information in a timely, clear, and concise manner. 
  • Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Understand network security architecture concepts such as topology and protocols. 
  • Understand what constitutes network risk, cyberattacks, and the relationship between threats and vulnerabilities.
  • Analyze vulnerability scans.
  • Recognize security implications of vulnerabilities and assess within the context of the risk management process.
  • Utilize analysis tools, such as Verodin, Nessus, or RedSeal, to identify vulnerabilities.
  • Write comprehensive risk assessments on vulnerability impacts.
  • Utilize automated and manual testing methods to validate the vulnerability testing methods; discover inadequate security practices.
  • Identify secondary effects of vulnerabilities and exposures, as well as the impact of the mitigations applied to them.
  • Perform after-action reviews of team products to ensure completion of analysis. (U) Lead and mentor team members as a technical expert.
Qualifications: 
  • Four (4) years of demonstrated experience as a VAA in programs and contracts of similar scope, type, and complexity is required.
  • One (1) year of demonstrated experience in technical reporting.
  • One (1) year of demonstrated experience in network and threat analysis.
  • A technical bachelor’s degree from an accredited college or university may be substituted for two (2) years of VAA experience on projects of similar scope, type, and complexity

More Openings

Countermeasures
Cyber Fusion Analyst
Software Engineer (Level 2)
Systems Administrator (Level 2)
Vulnerabilities Analyst

Share This Job

Powered by