Secured Cyber is looking to fill IMMEDIATELY two Senior Vulnerability Assessment Engineer position to perform duties related to Penetration Testing and Vulnerability Analysis at the Drug Enforcement Administration Security Operation Center in Sterling, VA. These are direct-hire positions with our company and do require a current SECRET clearance, eligible for upgrade to TS.


DO NOT APPLY UNLESS YOU HAVE A CURRENT SECRET OR TS INVESTIGATION THAT IS ACTIVE.


MUST HAVE RELATED EXPERIENCE TO APPLY


Please understand that these positions will allow for significant growth with the ability to gain training and experience in several Cyber Security tools.


Senior Vulnerability Assessment Engineer (Mon-Fri) day shift.   Currently requires 3 days ONSITE in Sterling, VA and 2 days remote.

 

Applicant must have:

  • SECRET or TS clearance
  • 6+ years Information Technology / Cyber Security Experience
  • 3+ years Vulnerability Assessments
  • 1+ years Penetration Testing with CURRENT employer -- highly desired
  • Qualys Vulnerability assessment experience—highly desired
  • BS Degree in Information Technology discipline -- or additional 4 years experience

 


Responsibilities:

  • Standard vulnerability assessments utilizing Qualys Cloud Platform for Operating Systems and Database scanning.
  • Standard web applications scanning utilizing BurpSuite and Qualys Cloud Platform
  • Standard database compliance audits utilizing both Qualys and DBProtect
  • Blue Team and Red Team Penetration Testing utilizing various tools such as Kali Linux, NMAP, Wireshark, MetaSploit, Nessus, etc.

 

Highly desired skills:

  • Experience PenTesting (Kali Linux, NMAP, etc) in current position
  • Experience with Qualys vulnerability scanning


Certifications desired:

  • LPT Licensed Penetration Tester
  • OSCP Offensive Security Certified Professional


Education MANDATORY:

Must possess a minimum of a Bachelors Degree in Computer Science, Information Technology or Information Security or additional 4 years Cyber Security Experience as substitute for degree.


Core Knowledge, Skills, Abilities (KSAs) – Ensure your RESUME reflects these KSAs:

  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • Knowledge of application vulnerabilities.
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • Knowledge of penetration testing principles, tools, and techniques.
  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Skill in the use of penetration testing tools and techniques.
  • Skill in using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.).
  • Skill in conducting application vulnerability assessments.
This job is currently not open for applications. Would you like to see our other open positions?