SME Cyber Vulnerability Assessment Analyst - TS/SCI Required @ cFocus Software Incorporated | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
SME Cyber Vulnerability Assessment Analyst - TS/SCI Required jobs in USA
132 applicants
company-logo

cFocus Software Incorporated · 3 hours ago

SME Cyber Vulnerability Assessment Analyst - TS/SCI Required

ftfMaximize your interview chances
ChatbotGovernment
check
Growth Opportunities
badNo H1BnoteSecurity Clearance Requirednote

Insider Connection @cFocus Software Incorporated

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Responsible for leading penetration testing, developing advanced security scenarios and testing systems against those scenarios, developing advanced security architectures for the implementation of custom countermeasures, provides security considerations to advise system engineering teams with the objective to reduce errors, flaws, and weaknesses that may constitute security vulnerability, performing advanced code analysis, and performing advanced protocol analysis for nation-state and state-sponsored cyber threat actor capabilities.
Ensure an industry’s best practice implementation utilizing agile practices for scanning and end to end vulnerability remediation as well as assist in all information security planning, compliance and risk management, manage teams, ensure they have appropriate skill sets, and tie the teams and results together
Identify vulnerabilities and understand and recommend countermeasures
Analyze the network to determine if appropriate security is applied
Possess and apply knowledge NIST RMF
Develop and implement test plans and ensure execution
Evaluate the costs and benefits of security functions and considerations from analysis of alternatives, engineering trade-offs and risk treatment decisions.
Provide assessment support and remote or site visits for CISA information systems.
Perform detailed assessments of the security controls that have been identified and implemented for systems as part of the RMF process.
Collaborate with product teams to assess cloud security standards and verify controls are implemented for hardening infrastructure, hardening infrastructure-as-code, hardening CI/CD pipelines, and hardening containers.
Employ test plans and test procedures tailored to the security controls of the system under test.
The tools and techniques could include, but are not limited to, manual test procedures or analysis, web assessment software, vulnerability scanning tools, penetration test tools, and or contractor-developed custom scripts.
Tools and techniques consist of manual testing, vulnerability scans, and penetration testing.
Automate testing functions and adopt OffSecOps development practices to include development of ansible or terraformed testing procedures and infrastructure development that can be automated to quickly deploy and test various targets.
Prepare a detailed weekly status of all activities, including status of assessments and any other pertinent data points as requested by the Government

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Active TS/SCI clearanceSecurity Engineer experienceCloud security assessmentReverse EngineeringComputer ForensicsAdversarial EmulationsIncident ResponseVulnerability AssessmentRisk MitigationPenetration TestingAWSKubernetesDockersLinuxWindowsNIST RMF knowledgeSaaSPaaSIaaSVulnerability scanning toolsPenetration test toolsAnsibleTerraform

Required

Active TS/SCI clearance
10+ years of proven experience as a Security Engineer with supervisory/leadership abilities to oversee large teams responsible for planning, analyzing, implementing, and maintaining many different projects
Experience assessing security implementation of cloud and hybrid environments to include pipelines, applications and services
10+ years of experience with Reverse Engineering, Computer Forensics, Adversarial Emulations, Incident Response, Vulnerability Assessment and Management, Risk and Threat Mitigation, and Penetration Testing
10+ years of technical experience using concepts such as (SaaS, PaaS, & IaaS)
10+ years of experience working with AWS, Kubernetes, Dockers, Linux, Windows

Company

cFocus Software Incorporated

twittertwitter
company-logo
cFocus Software automates FedRAMP compliance and develops government chatbots for the Azure Government Cloud, Office 365, and SharePoint.

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Manisha Griesinger, MPH, MSc
Program Manager | U.S. EPA Office of the Chief Financial Officer
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot