- Bachelor's Degree
- Master's Degree
- NIST Standards
- SANS GIAC
- Qualitative Analysis
Lead delivery teams of cyber attack surface domain specialists, including intelligence analysts, vulnerability management specialists, asset inventory analysts, Risk Management Framework specialists in the discovery of risk exposure points in federal agencies' infrastructure that could potentially result in cyber attacks. Present findings in written and oral form to senior client leaders. Develop corrective actions and recommendations to prevent cyber risk exposure in specific environments, moving past basic compliance requirements. Manages information security implications within the organization as directed by leadership. Provide leadership and mentoring for lower level employees. Contribute to the development of innovative principles and ideas. Work on unusually complex problems and provides solutions that are highly creative.
8+ years of experience in current threat actor capabilities and tactics, techniques, and procedures, security controls, vulnerability management, mission and business operations risk, systems security requirements per the Risk Management Framework
Experience with quantitative and qualitative analysis of data sets, NIST guidance, analytic methodologies, and threat modeling
Experience with identifying weaknesses and vulnerabilities in security architecture implementation and broader business operations
Experience with communicating finished and client-ready analysis reports in written and oral formats for multiple organizational audience levels
Ability to obtain a Security clearance
BA or BS degree
Experience with mapping vulnerabilities to security controls and identification of overall weaknesses, determining crown jewels and high value assets within an organization, and mapping threat actor TTPs to vulnerability exploitation
Knowledge of the outputs of penetration test results and current threats affecting specific industries, including financial sector, health, and energy
Active Secret clearance
MA or MS degree in Policy, Law, or an IT-related field
CISSP, Security+, Network+, and GIAC Certifications
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.