Join Our Mission as a Cybersecurity Vulnerability Analyst at Farfield Systems!
At Farfield Systems, we have been passionately supporting the government contracting community for over 23 years. Our commitment to work that truly matters for our customers' most important missions has shaped our culture. We believe that by putting our team members first, we empower them to excel, ultimately ensuring the satisfaction of our clients. This ethos—“employee driven…customer focused”—defines who we are and what we stand for.
We are currently seeking a dedicated Cybersecurity Vulnerability Analyst to join our team in supporting a critical U.S. Government customer. In this role, you will play a vital part in providing cybersecurity vulnerability analysis support, aimed at minimizing the prevalence and impact of vulnerabilities across Federal Civilian Executive Branch (FCEB) entities and Critical Infrastructure Key Resources (CIKR).
Key Responsibilities:
- Leverage your creativity and critical thinking to assess and communicate the implications of cybersecurity vulnerabilities on the security posture of FCEB and CIKR entities.
- Conduct thorough prevalence and sector analyses of vulnerabilities using cutting-edge Attack Surface Management tools.
- Analyze vulnerability reports to identify potential risks and impacts affecting CIKR and FCEB entities.
- Stay informed about the technical capabilities of our Vulnerability Management (VM) Subdivision operational components.
- Evaluate the technical requirements of VM components and provide actionable recommendations.
- Effectively communicate the implications of vulnerabilities to relevant organizations.
- Collaborate with VM analysts and leadership to ensure alignment of VM operational activities.
- Engage with broader Cybersecurity Division (CSD) analysts and leadership to grasp CSD operational priorities and activities.
- Exhibit flexibility and a proactive approach in assisting the government to establish operations in this new mission area within VM.
- Contribute to the development of Standard Operating Procedures and Work Instructions as needed.
- Assist in the preparation of weekly operation summaries, intelligence analysis summaries, and other cyber intelligence reports.
Why Farfield Systems?
By joining our team, you will become part of a culture that values innovation and teamwork. Your expertise will not only enhance our operations but also contribute significantly to the national cybersecurity landscape. If you are ready to make an impact and be part of a mission-driven team, we encourage you to apply today!
Together, let's make a difference that matters.
Requirements:
Required Skills:
- U.S. Citizenship
- Must have an active TS/SCI clearance
- Must be able to obtain DHS Suitability
- 5+ years of directly relevant experience
- Experience as a hands-on cybersecurity analyst (i.e. SOC Analyst or Penetration Tester) is required
- Experience with the analysis and characterization of cyber attacks
- Skilled in identifying different classes of attacks and attack stages
- Knowledge of system and application security threats and vulnerabilities
- Knowledge of basic networking protocols, including TCP/IP, UDP, HTTP/HTTPS, SSH, and DNS, and open security standards and projects, including OWASP
- Knowledge of CVSS and KEV scoring methodology
- Knowledge of general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc.)
- Knowledge of VM scanning, Web Application scanning, and red team processes
- Experience recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of Computer Network Defense policies, procedures, and regulations
- Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored])
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)
- Experience in developing and delivering technical briefings
- Must be able to work collaboratively across physical and virtual locations
Desired Skills:
- Understanding of OT/ICS/SCADA technologies and associated vulnerabilities
- Experience with conducting all-source research
- Understanding of MITRE Adversary Tactics, Techniques and Common Knowledge (ATT&CK)
- Experience with:
o SharePoint
o ServiceNow
o Palo Alto Networks Cortex Xpanse
Required Experience Education:
BS Computer Science, Computer Engineering, Computer Information Systems, Cybersecurity, or related degree, or 7+ years experience in cyber incident management experience or cybersecurity experience with a High school diploma.
Desired Certifications:
- CompTIA Security+, CEH, CISSP, CISM, CISA, CCSP, CIPP, CPT, CCSS
ECP-1
Security Clearance Required: TS/SCI