Cybersecurity Analyst Exploit SME (Job Number:441287)
- SAIC is seeking a Cybersecurity Exploit Analyst who will be a member of technical engineering and services solutions to a DoD Cyber Security Service Provider (CSSP) in support of mission critical DoD systems in Stafford, VA The successful candidate will be responsible for providing capabilities necessary to review exploit code, their associated vulnerabilities, discover enterprise security discrepancies, assess associated risks and assist in the development of remedial action in coordination with the Mitigation Action Team.
- Create and maintain the body of documentation that describes the tactics, techniques, and procedures that comprise the Enterprise Network Exploit Analyst team.
- Prioritize mitigation actions based on assessed risk upon discovery of critical exploits and vulnerabilities within the lab and production environments.
- Perform trend analysis of all available reporting within the DCOS to include review of open/closed incidents, identified exploits, and scan results.
- Provide operational network exploitation and cyber threat emulation testing support towards local area network and wide area network systems and components.
- Develop plans to successfully conduct network exploitation, penetration testing, cyber threat emulation and Red Team operations.
- Research existing exploit code and/or develop proof-of-concept or exploit code for test and evaluation of mitigation solutions.
- Provide courseware maintenance and course materials in support of Watch Team, Incident Response, Advanced Incident Handling, Hunt, Malware and Forensics, Exploit Analysis, Host Based Security, Network Sensor Support, Signature Development, Mitigation Action, and Red Team.
Required Education and Experience:
- Must Possess an IAT Level III certification (CASP CE, CCNP Security, CISA, CISSP, GCED, or GCIH) required prior to first day on the job.
- Bachelor’s Degree or four years of experience in lieu of degree, plus 14 years of experience required.
- Must have a TS/SCI security clearance
- Experience with Enterprise Network Exploit, and threat analysis.
- Experience performance various assessments (penetrations tests of systems and networks) within a DoD Network Environment of enclave
- Experience developing exploit code of network and system penetration testing
- Experience performing penetration testing of web applications
- Experience developing specialized applications for the assessment and security testing of web applications
- Experience developing specialized applications for the assessment and security testing of web applications.
- Experience developing and maintaining custom applications that exploit known system vulnerabilities or system miss- configurations to configurations to gain system command and control during red team operations
- Knowledge of DoD Security Controls to include DISA Security Technical Implementation Guidelines (STIG) and the DoD IA Certification and Accreditation Process and Risk Management Framework (RMF)
- Experience in Computer Network Defense (CND) technology Enterprise Network Exploit, and threat analysis, or related field.
- Malware and Forensics experience which includes performing assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.
- Knowledge and experience with Incident Handling, Forensic Collection, Intrusion correlation tracking, and threat analysis.
Certified Information System Security Professional (CISSP or Associate)
- System Security Certified Practitioner (CCNP Security
- Certified Information System Manager (GCED)
- Certified Information Security Auditor (CCIH)
SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see My SAIC Benefits. EOE AA M/F/Vet/Disability
Job Posting: Oct 29, 2018, 10:14:01 AM
Primary Location: United States-VA-STAFFORD
Clearance Level Must Currently Possess: Top Secret/SCI
Clearance Level Must Be Able to Obtain: Top Secret/SCI with Polygraph
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Day Job