The Candidate Team shall enable continuous situational awareness of current and emerging cyber threats by collaboration and support with other cyber defense teams.
The Candidate Team shall deliver data-driven analysis of existing and newly discovered vulnerabilities and weaknesses present in the organization's systems and networks.
The Candidate Team shall report on emerging major vulnerabilities, including any active exploitation seen in the wild or the public availability of proof-of-concept exploits, that would pose an immediate threat to the organization.
The Candidate Team shall perform proactive data gathering to better understand the political, economic, and behavioral aspects of threats, cyber activities, and threat actors.
The Candidate Team shall assist with threat data enrichment, curation, automation, and dissemination.
The Candidate Team shall make recommendations about cyber gaps and collaborate with peers on solutions to address cyber needs identified through various information-gathering methods.
The Candidate Team shall conduct research on threat actor groups, malware, exploit methods, and vulnerabilities, and shall manage and curate Indicators of Compromise (IOCs) to support analysis of threat indicators seen in the environment.
The Candidate Team shall apply knowledge and research of current cyber threats and the associated Tactics, Techniques, and Procedures used to attack computer networks.
The Candidate Team shall generate vulnerability and weakness risk reports on identified findings, and in-depth analysis on how the identified findings can impact internal stakeholders.
The Candidate Team shall provide prioritization and remediation guidance to remediate or mitigate the identified findings.
The Candidate Team shall provide input for the successful operationalization of vulnerability assessment and other cyber security technologies to further streamline the team's operations and find efficiencies.
The Candidate Team shall track identified findings to completion or to an acceptable level of mitigation or residual risk as dictated by the organization.
The Candidate Team shall generate metrics that quantify and qualify risk, leveraging the data and findings at each step of the vulnerability management lifecycle, to include Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
The Candidate Team shall present relevant findings to both technical and non-technical audiences, to include senior organizational management.
The Candidate Team shall provide input and help champion the implementation of processes, procedures, and technology solutions to further mature the operational program and team cadence.
The Candidate Team shall respond to internal team and stakeholders' inquiries on vulnerabilities and related topics, and shall regularly support, involve, and liaise with other internal teams.
Required skills and demonstrated experience
Demonstrated experience in cyber security or related IT field.
Demonstrated experience with adversarial tactics, techniques, & procedures (TTPs).
Demonstrated experience with computer attack methods and system exploitation techniques.
Demonstrated experience with cyber security principles for Linux, Windows, virtual platforms, networking, and Cloud.
Demonstrated experience with network architectures and fundamentals.
Demonstrated experience analyzing test results to develop risk and threat mitigation plans.
Demonstrated experience with market-leading vulnerability management tools including the ability to deploy, configure, and run these tools.
Demonstrated experience with vulnerability concepts and prevalent vulnerability types such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), path traversals, denial of service (DoS), buffer overflows, command injection, race conditions, open redirects, privilege escalation, authentication bypasses, XML External Entity (XXE) attacks and similar.
Demonstrated experience with privilege and high/low trust boundaries, and with what distinguishes a vulnerability (an exploitable instance of a flaw, as catalogued in CVE) from a weakness (the underlying flaw type, as catalogued in CWE).
Demonstrated experience with vulnerability and risk scoring frameworks and methodologies such as CVSSv2 and CVSSv3.
Demonstrated experience with vulnerability repositories (NVD, MITRE CVE, and VulDB) and with adversary technique and countermeasure knowledge bases (MITRE ATT&CK and D3FEND).
Demonstrated experience with web application (OWASP) and OS-level vulnerability categories and documentation.
Demonstrated experience communicating how an attacker would exploit vulnerabilities and the types of attacks they could be used for.
Demonstrated experience with the general threat landscape of an IT network and how vulnerabilities and exploitation of them impact it.
Demonstrated experience with patch management and software development lifecycle (SDLC).
Demonstrated experience in security operations, vulnerabilities and exploitation, network security, cloud security, and a comprehensive background in information security.
Demonstrated experience with using open-source and human information sources to track and collect information on adversaries, malware, campaigns, and related malicious infrastructure.
Demonstrated experience conducting all-source research on a wide range of cyber issues.
Demonstrated experience leveraging Tableau or Power BI to collect and visualize metric data.
Demonstrated experience administering a SharePoint environment.
Demonstrated experience with portfolio management.
Demonstrated experience resolving complex problems including organizing and structuring solutions.
Demonstrated experience developing executive level briefing materials and reports.
Demonstrated experience with Program and Project Management methodologies.
Demonstrated experience with ServiceNow and Jira.
Demonstrated experience eliciting and identifying requirements.
Demonstrated experience reviewing programs and generating formal review documentation.
Demonstrated experience coordinating, supporting, and participating in program meetings and reviews.
Demonstrated experience reviewing and identifying inconsistencies in program plans.
Demonstrated experience supporting division-level budget and planning activities.
Demonstrated experience with project management activities such as planning projects, meeting objectives, developing contingencies, and producing schedules.
Demonstrated experience managing meetings to include meeting minutes, organizing, scheduling, and facilitating.
Highly Desired skills and demonstrated experience
Demonstrated experience communicating vulnerability results and risk posture to senior executives.
Demonstrated experience performing complex technical tasks with minimal direction.
Bachelor's degree in Computer Science, Information Systems, Engineering, or other related scientific or technical discipline.
Demonstrated experience with Confluence.
Demonstrated experience with advanced analytic features within Excel such as PivotTables, PivotCharts, VLOOKUP.
Demonstrated experience in malware reverse-engineering techniques.
Demonstrated experience in threat hunting in large distributed environments.