The Vulnerability Management Team member will provide technical support to the DoD Vulnerability Disclosure Program (VDP) for the Defense Cyber Crime Center (DC3). These activities directly support the mission to improve defense of the DoD Information Network (DoDIN), by receiving, validating, and disseminating cybersecurity vulnerabilities reported by private-sector researchers. The VDP team tracks and analyzes reported vulnerabilities and mitigation actions by systems owners to identify gaps in DoDIn defenses; areas requiring increased attention, and areas for improvement.
- Expert technical understanding of software and web application security and common vulnerabilities (CWE, CVE)
- Demonstrated technical ability to validate web vulnerabilities on live DoD web properties using manual techniques, resourceful problem-solving, and common tools
- Demonstrated ability to recognize, interpret, and communicate in information assurance vulnerability management (IAVM), Risk Management Framework (RMF), and security technical implementation guides (STIGs)
- Demonstrated knowledge of various software testing methodologies, test case creation and the reporting process
- Knowledge of current DoD cyber security challenges and threats
- Familiar with Layer 2/3 network and security appliance capabilities; familiar with TCP/IP protocol stack
- Strong verbal and written communication skills; ability to provide expert review of accurate and timely technical reports for release to external customers
- Flexibility to adapt to dynamic work environment to meet organizational requirements
- Ability to use sound judgement when conducting live testing to avoid or minimize impact to production services and data
- Superior organizational skills to analyze, develop, and deliver detailed reports to meet short suspense windows
- Aware of industry trends; IoT, ICS/SCADA, containerization technologies, Dev-Sec-Ops
- Certifications (any): CEH, GCIH, Security+, CCNA Cyber Ops, GWAPT, GPEN, OSCP, OSWE
- Minimum clearance active Secret required
• Certifications (any): CEH, GCIH, Security+, CCNA Cyber Ops, GWAPT, GPEN, OSCP, OSWE
• Strong attention to detail and ability to prepare documents for customer review
Peterson Technologies will provide reasonable accommodations to applicants who are unable to utilize our online application system due to a disability.
Please send your resume to HR at firstname.lastname@example.org or call 240-456-0092.
Peterson Technologies is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristics protected by law.