1,916 Vulnerability Assessment jobs in the United States

Join to apply for the Penetration Tester/Vulnerability Assessment Specialist role at Inferno Systems, Inc.

5 months ago Be among the first 25 applicants

Join to apply for the Penetration Tester/Vulnerability Assessment Specialist role at Inferno Systems, Inc.

Location: McLean, VA US

Security Clearance Requirement: TS/SCI with Full Scope Polygraph

Clearance Status: Must be Current

Job Description

Inferno Systems is currently looking to hire individuals for our Vulnerability Assessment positions. Candidates should have a minimum of 7+ years experience performing vulnerability assessments or any related fields such as penetration testing. Candidates must possess the required skills listed below. Candidates with experience in any of the desired skills and technologies below would be a plus but are not required.

Job Summary

We are looking for Vulnerability Assessment professionals whose work will directly impact U.S. policymakers, military officials and law enforcement agencies. You will use both COTS and GOTS software to identify vulnerabilities, assess impact and determine remediation actions based on your findings. You will be able to use a variety of techniques to determine impact and remediation steps for specific customer environments and scenarios. Your work will have high visibility among our customers and they will look to you for expertise, guidance, operational understanding and methods and plans to achieve mission success. In addition, this position will provide the opportunity to grow into more challenging roles with higher levels of technical expertise in the penetration testing field.

Required Skills

• Solid understanding of networking, TCP/IP, and application level protocols such as HTTP/S.
• Ability to create and operate virtual machines in different virtual environments such as VMware vSphere, Virtual Box and/or others.
• Demonstrated real world experience performing grey and black box security assessments.
• General understanding of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open source exfiltration techniques.
• Experience using security assessment tools such as Nessus, BurpSuite and others.
  
  

• Malware analysis or digital computer forensics experience is a plus.
• Cyber related Law Enforcement or Counterintelligence experience.
• Existing Subject Matter Expert of Advanced Persistent Threats and Emerging Threats.
• Proactive interest in emerging technologies and techniques related to penetration testing.
• Understanding of risk planning and mitigation strategies.
• Ability to prepare and present documents and briefing materials.
• Experience performing Red Team and/or Blue Team Operations.
  
  

• Microsoft Windows (7 - 10, Server 2008-2016)
• UNIX (Solaris, HP-UX, etc.,) Operating System versions
• Common Linux distributions including RHEL / CentOS and Debian / Ubuntu
• OSX / iOS and Android
• VMware / ESXi / KVM / OpenVZ or other virtualized environments
• BSD variant Operating Systems versions
  
  

• Java / C++ / C
• Bash / Perl / Powershell / Python
  
  

• WiFi/WiMax/Bluetooth technology (hardware or core software)
• Wired telephony technology (hardware or core software)
• Mobile telephony technology (hardware or core software)
  
  

• Cisco
• Juniper
• Common firewalls and security appliances
  
  

• Common web application vulnerabilities like XSS, CSRF, Command Injection, SQLi, single sign-on limitations, etc.
  
  

• Proficiency in any of the following: PowerShell Empire, Metasploit Framework, Cobalt Strike, Burp Suite, Canvas, Kali Linux, IPTables, Sysinternals, A/V evasion methodologies, exploit development.
  
  

• Advanced GIAC and/or (ISC)2 network/cyber security specialties such as OSCP, OSCE, GPEN, GWAPT, GPEN, GXPN, CEH, CISSP.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Computer and Network Security

Referrals increase your chances of interviewing at Inferno Systems, Inc. by 2x

Ashburn, VA $85,150.00-$53,925.00 1 week ago

Reston, VA 70,000.00- 85,000.00 1 week ago

Herndon, VA 90,000.00- 115,000.00 1 week ago

Tysons Corner, VA 10,000.00- 215,000.00 1 day ago

Herndon, VA 70,000.00- 76,000.00 1 week ago

Herndon, VA 10,000.00- 195,000.00 1 day ago

Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Job Description

Position Title

Vulnerability Assessment Analyst and Penetration Tester (Contingent)

Work Location

Applicant must be authorized to work in the United States, five days onsite at Camp Pendleton, CA.

Position Description

The Vulnerability Assessment Analyst and Penetration Tester is responsible for the delivery of continuous cyber assessments, solving complex technology problems, building tools, and identifying and influencing response to and mitigation of threats. Perform manual assessment of systems, services, and software; specializing in security issues beyond those identified by static analysis tools. The individual ensures services, applications, and websites are designed and implemented to the highest security standards. Responsible for application and hardware penetration testing, automating repetitive tasks using various scripting languages, mentoring, and leading other engineers to deliver complex penetration tests and vulnerability assessments. The individual will be expected to drive automation, tooling, efficiency, and advance the teams penetration testing capabilities. Responsible for creating threat mitigation plans.

Minimum Position Requirements:

• Five years of hands-on penetration testing experience with operating systems, web applications, and network infrastructure.
• Administrator-level knowledge of Windows and Linux Server operating systems.
• Experience with operating system security.
• Competent with testing frameworks and tools, such as Burp Suite, Metasploit, Cobalt Strike, Kali Linux, Nessus, PowerShell Empire.
• Knowledge of the functionality and capabilities of computer network defense technologies, including router Access Control Lists (ACLs), firewalls, Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), antivirus/Endpoint Detection and Response (EDR), and web content filtering.
• Strong written and verbal communication skills, including the ability to explain complex technical topics to non-technical audiences.
• Possess one of the following certifications upon onboarding:
  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Web Assessor (OSWA)
  • GIAC Web Application Penetration Tester (GWAPT)
  • GIAC Penetration Tester (GPEN)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • Offsec Experienced Penetration Tester (OSEP)
  • Offsec Web Expert (OSWE)

Obtain one of the following certifications within 9 months of onboarding:

• o GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
• o Offsec Experienced Penetration Tester (OSEP)
• o Offsec Web Expert (OSWE)

Reports To

Assigned Program Manager

Security Clearance Requirements

Current Secret clearance with ability to transfer required. Position supports federal contracts with immediate clearance verification requirements. Clearance level will be verified prior to the start date. Must be able to maintain clearance throughout employment with clearance reciprocity/transfer.

Travel Requirements

Travel is anticipated to be 10% - 15% within the Continental United States and 5%-10% outside the Continental United States

Benefits & Compensation

• New employees are eligible to participate in the company’s benefits plan on their day of hire unless
• Medical Insurance
• Vision & Dental Insurance
• Long Term & Short-Term Disability, Group Life and AD&D Insurance
• Flexible Spending Plan
• Health Savings Account
• 401(k) Savings Plan – 100% match for the first 3% contributed plus 50% of the next 2% contributed. (no vesting period and eligibility is your date of hire).
• Paid holidays – Eleven (11) per year
• Paid Time Off - One hundred-twenty (120) accrued hours per year
• Professional Development Program
• Salary will be determined based on the individual’s education and experience level noted otherwise.

Overview

Lumbee Holdings is a leading provider of IT Support, Cybersecurity and Training and Development to the Department of Defense (DoD) and other government agencies. We are seeking a dynamic and experienced Business Development Manager to drive growth and expand our presence in the defense sector.

Equal Employment Opportunity Policy Statement

It is the policy of Lumbee Tribe Holdings, Inc. and its subsidiaries (the “Company”) not to discriminate against any employee or applicant for employment because of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees in California) or because he or she is a protected veteran. It is also the policy of the Company to take affirmative action to employ and to advance in employment, all persons regardless of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees in California) or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.

Employees and applicants of the Company will not be subject to harassment on the basis of race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, marital status, genetic information, mental or physical disability (and medical condition, for employees of California) or because he or she is a protected veteran. Additionally, retaliation, including intimidation, threats, or coercion, because an employee or applicant has objected to discrimination, engaged or may engage in filing a complaint, assisted in a review, investigation, or hearing or have otherwise sought to obtain their legal rights under any Federal, State, or local EEO law is prohibited.

NOTE: These statements are intended to describe the general nature and level of work involved for this job. It is not an exhaustive list of all responsibilities, duties, and skills required of this job.

The Cyber Vulnerability Assessment Analyst (CVAA) is responsible for ensuring operational excellence of cyber security vulnerability management activities, including but not limited to: Performing vulnerability assessments on PSH and COM Information Cyber, Security, Health, Analyst, SEC, Management, Healthcare

Financial Analysis and Strategy Position

We are seeking a highly skilled Actuarial Analyst II to join our team. This individual will be responsible for developing new product opportunities within the insurance sector.

The successful candidate will possess a strong background in actuarial methodologies and have experience in independently applying these principles to complete structured projects.

This role is remote eligible, however, individuals residing within a 60-mile radius of our office will be expected to work on-site four days per week.

• Independently applies actuarial methodologies to complete structured projects
• Builds tools to test and implement new methodologies that improve accuracy of actuarial analysis
• Identifies and improves existing processes using actuarial, mathematical, or statistical techniques
• Proactively resolves technical issues and identifies appropriate issues for escalation
• Assists others with troubleshooting issues
• Creates instructions and training materials for actuarial tools and processes
• Mentors new team members
• Applies business acumen to provide actionable insights that help solve business problems
• Effectively communicates insights and solutions to broad audiences including actuarial and non-actuarial partners
• Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled in accordance with risk and compliance policies and procedures

Our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs.

Additionally, our career path planning and continuing education assists employees with their professional goals.

Preferred qualifications include:

• P&C Personal Lines Actuarial experience
• Actuarial experience in innovative and non-standard lines of business
• Experience with deploying new products
• Demonstrated creative problem-solving ability
• US military experience through military service or a military spouse/domestic partner

Job Description

Provide Advisory and Assistance Support (A&AS) to support the NC3 Enterprise Center with the day-to-day responsibility for overseeing and managing NC3 operations, maintaining enterprise-wide visibility, assessing comprehensive operational and technical risk, and, with the active NC3 Enterprise Stakeholder participation, developing, presenting, and advocating future capabilities, risk management options, and prioritization recommendations to the Chairman Joint Chief of Staff (CJCS) and Deputy Secretary of Defense (DepSecDef) on behalf of all NC3 Stakeholders. The focus of this task order is for the contractor to provide subject matter expertise in conducting systems analysis, systems engineering, technical analysis, solution integration, operations assessment, operations analysis, risk management, requirements identification, requirements advocacy, intelligence assessments, technology identification, identifying future concepts and architectures, and other assigned tasks supporting CDRUSSTRATCOM's ability to plan and execute Strategic Deterrence and NC3 operations to accomplish the mission as outlined in the National Defense Strategy

POSITION REQUIREMENTS

At least 5 years of experience in the following:

Operation capabilities and procedures, and experience in the operations platforms, communications, and modes of operations. Desire: NC2/NC3 background to include an understanding of Chairman, Joint Chiefs of Staff Instructions, Manuals, and nuclear Emergency Action Procedures.

At least 3 years of experience in the following:

Familiarity with the Joint Risk Analysis process and how it applies to NC3enterprise; applying NC3 expertise, providing support for timely NC3 risk capability assessments and advice on mitigation options; experience employing cross-cutting methodology to measure risk for integrated systems; proficiency in building risk metrics and maintaining a framework for assessments.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity, national origin, disability status, protected veteran status or any other characteristic protected by law. Constellation West will not discharge or, in any other manner, discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

ABOUT THE ORGANIZATION

Constellation West is an award-winning company that delivers Information Technology (IT) engineering services and solutions along with non-IT subject matter expertise worldwide. Established in 1997, Constellation West is an industry leader, partnering with key organizations. As a prime contractor or preferred subcontractor, we have a continual list of opportunities to fill across the nation with multiple agencies such as the Department of Veteran Affairs, the Department of Defense, civilian agencies, and the national intelligence community. Many of the positions supporting U.S. federal government require our employees be granted security clearances.

Constellation West provides fully integrated solutions spanning all aspects of system/network engineering, system/network administration, data management, information assurance, quality assurance, full lifecycle support, software development, and geospatial information services. Constellation West looks for the right people ready to step up and be part of a dynamic team.

If you are looking for a new challenge and a rewarding opportunity to apply your expertise, knowledge, and problem solving skills, come join our team! Constellation West offers competitive salary and benefits including:

• Tuition reimbursement

• Competitive 401(k) plan

• Competitive Health Benefits

• 10 Paid Holidays!

• 15 PTO Days!

• Veteran Hiring Preference

Constellation West is proud to be an EEO/AA employer M/F/D/V