1 day old

Exploit Analysis SME Job

  • Job Code
Exploit Analysis SME Job

Exploit Analysis SME Job

Date: Sep 5, 2018

Location: Stafford, VA, US

Company: SAIC

Exploit Analysis SME (Job Number:435047)


The Defense Systems Customer Group currently has a contingency full-time position for an Exploit Analyst to support the Marine Corps’ Cyber Security Service Provider (CSSP) in Stafford, Virginia.

The candidate will be part of a team be responsible for providing capabilities necessary to review exploit code, their associated vulnerabilities, discover enterprise security discrepancies, assessing associated risk and assisting in the development of remedial action in coordination with the Mitigation Action Team. This team will conduct a thorough analysis of the capabilities and effects of adversary tactics, techniques, and procedures within the Enterprise Network in order to improve the overall defense posture. This team will also support the discovery of vulnerabilities in the production environment including no-notice external security assessments.

Responsibilities include:
• Conduct, analyze and review penetration tests and Joint Red Team assessment results to develop recommendations to protect the Enterprise Network.
• Analyze and review application, system, and network security postures across the Enterprise Network in both lab and production environments through active scanning, application-layer protocol fingerprinting or traffic analysis.
• Evaluate identified targeted environments in the Enterprise Network for compliance with applicable DOD, DON, and other government IT Security Policies.
• Support the development and implementation of enterprise mitigation actions in response to complex vulnerabilities.
• Maintain a lab environment with current Enterprise Network and defensive configurations in order to test adversary tactics, techniques, and procedures against a mock Enterprise Network.
• Develop the processes and procedures for replaying network attacks/compromises within a lab environment in order to scope the situation and develop recommended mitigation actions.
• Support the creation of a repeatable data analysis process which identifies attributes and indications of targeted activity for profile development within the DCOS sensor grid.
• Provide support required to maintain the Government’s CSSP accreditation per the standards set forth in the CSSP program manual, DOD -8530.1-M, to include documentation and technical writing support as needed.

- Bachelor’s degree from an accredited institution, or four years of experience in lieu of degree.
• 5+ years of experience performing various assessments (penetrations tests of systems and networks within a DOD Network Environment of enclave.
• 5+ years of experience developing exploit code for network and system penetration testing.
• 5+ years of experience performing penetration testing of web applications.
• 5+ years of experience developing specialized applications for the assessment and security testing of web applications.
• 5+ years of experience developing and maintaining custom applications that exploit known system vulnerabilities or system mis-configurations to configurations to gain system command and control during red team operations.
• Knowledge DOD security controls to include DISA Secure Technical Implementation Guidelines (STIG) and the DOD IA Certification and Accreditation Process and Risk Management Framework (RMF).

Desired Skills/Certifications.
- IAT Level III certification.
• Certification in the Red Team Operations Course.

- Top Secret / Single Scope Background Investigation (SSBI).

SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC has approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com.

EOE AA M/F/Vet/Disability

Job Posting: Mar 15, 2018, 1:45:16 PM
Primary Location: United States-VA-STAFFORD
Clearance Level Must Currently Possess: Top Secret
Clearance Level Must Be Able to Obtain: None
Potential for Teleworking: No
Travel: None
Shift: Day Job
Schedule: Full-time

Nearest Major Market: Richmond

Job Segment: Engineer, Security Clearance, Systems Engineer, Network Security, Risk Management, Engineering, Government, Security, Finance


Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Exploit Analysis SME Job


Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast