Apex Systems is looking to hire a Threat and Vulnerability Engineer in Ft. Belvoir, VA. This individual will be responsible for identifying threats and driving out vulnerabilities for a large DoD client. The ideal candidate will have excellent analytical, engineering, communication, and technical skills including web scanning, performing vulnerability trending using ACAS, and validation of C&A activity. This role will include performing offensive security measures including threat hunting and red team activity.
If you are qualified and interested in learning more about this opportunity, please email your resume to firstname.lastname@example.org.
Threat and Vulnerability Engineer
Ft. Belvoir, VA
- Threat hunting using Splunk.
- Utilizes Assured Compliance Assessment Solution (ACAS) to perform vulnerability trending for subscriber systems.
- Performs web scans on organizational public-facing websites using Burp to scan for vulnerabilities.
- Assesses and mitigates system security threats/risks throughout the program life cycle.
- Validates system security requirements definition and analysis.
- Establishes system security designs.
- Implements security designs in hardware, software, data, and procedures.
- Verifies security requirements.
- Performs system validation of certification and accreditation activity and supports secure systems operations and maintenance.
- Apprises the Subscriber of audit findings and suggests mitigation actions.
- Reports results to the Independent Verification & Validation team for further analysis and remediation coordination.
- Stays abreast of new technology and their potential for application in the organizational security stack.
- Briefing key stakeholders.
- Ability to obtain and maintain an Active DoD Secret Clearance (minimum)
- 8570 IAT Level II and CNDSP Auditor Certification (Sec+CE and CEH or Sec+CE and GSNA or CISA)
- 5+ years of relevant experience (information assurance and cyber security operations)
- BS in Computer Science, Engineering, or other related discipline from an accredited college or university is desired
- Familiarity with:
- Assured Compliance Assessment Solution (ACAS)
- STIGs and hardening guidance
- HBSS and malware systems
- External assessments (Red Team/Blue Team processes)
- Network security stacks
- Burp, Web Inspect, w3af, nikto
- Kali Linux
Apex is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at email@example.com or 844-463-6178.