Vulnerability Assessment Analyst jobs in United States
cer-icon
Apply on Employer Site
company-logo

Amyx, Inc. · 2 hours ago

Vulnerability Assessment Analyst

positionSt Louis, MO
timeFull-time
remoteHybrid
seniorityMid Level

Amyx is seeking to hire a Vulnerability Assessment Analyst-Intermediate to support our Cybersecurity Division and Intel client in the St. Louis, MO area. The role involves analyzing cyber defense policies, conducting penetration testing, and preparing audit reports to improve the organization's cybersecurity posture.

Cyber SecurityInformation TechnologySoftware
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance Requirednote

Responsibilities

Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives
Conduct and/or support authorized penetration testing on enterprise network assets.Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions
Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing
Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions
Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews)
Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications)
Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes)
Performs assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities

Qualification

Vulnerability AssessmentPenetration TestingCybersecurity PrinciplesIntrusion DetectionNetwork Analysis ToolsRisk AssessmentsSocial Engineering TechniquesTechnical WritingCommunication Skills

Required

Bachelor degree or higher from an accredited college or university (Recommend an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.) Clearance TS/SCI-subject to CI poly upon request
8140 Certification IAT Level 2 and Two Penetration Testing Certifications GPEN, GWAT, GCIH, CEH, GPYC, LPT, CPT
Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems
Skill in assessing the robustness of security systems and designs
Skill in detecting host and network based intrusions via intrusion detection technologies (e.g., Snort)
Skill in mimicking threat behaviors
Skill in the use of penetration testing tools and techniques
Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.)
Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.)
Skill in reviewing logs to identify evidence of past intrusions
Skill in conducting application vulnerability assessments
Skill in performing impact/risk assessments
Skill to develop insights about the context of an organization's threat environment
Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

Preferred

Ability to identify systemic security issues based on the analysis of vulnerability and configuration data
Ability to apply programming language structures (e.g., source code review) and logic
Ability to share meaningful insights about the context of an organization's threat environment that improve its risk management posture
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

Benefits

Medical, Dental, and Vision Plans (PPO & HSA options available)
Flexible Spending Accounts (Health Care & Dependent Care FSA)
Health Savings Account (HSA)
401(k) with matching contributions
Roth
Qualified Transportation Expense with matching contributions
Short Term Disability
Long Term Disability
Life and Accidental Death & Dismemberment
Basic & Voluntary Life Insurance
Wellness Program
PTO
11 Holidays
Professional Development Reimbursement

Company

Amyx, Inc.

twittertwittertwitter
company-logo
At Amyx, Inc., a wholly owned subsidiary of Tetra Tech, our mission is to exceed our customer's expectations on every contract, to provide an environment that encourages, recognizes and rewards the extraordinary contributions of our employees, and to advance and support the communities in which we work and live.
dateFounded in 1999
location
Reston, Virginia, USA
people-size501-1000 employees
web-link
http://amyx.com/

Funding

Current Stage
Late Stage
Total Funding
unknown
2023-01-05Acquired

Leadership Team

leader-logo
William Schaefer
CEO and President
linkedin

Recent News

citybiz
EY US Announces 2025 Entrepreneur Of The Year Mid-Atlantic Award Finalists
2025-04-24
ExecutiveBiz
Amyx Welcomes Rick Schult as Chief Operating Officer; William Schaefer Quoted
2024-02-09
WashingtonExec
Amyx Taps Rick Schult as COO
2024-02-09
Company data provided by crunchbase