CACI is in search of an Information Assurance/Vulnerability Report Analyst- Entry. Information Assurance/Vulnerability Report Analyst will provide operational support to the DoD Vulnerability Disclosure Program (VDP) for the Defense Cyber Crime Center (DC3). These activities directly support the mission to improve defense of the DoD Information Network (DoDIN), by receiving, validating, and disseminating cybersecurity vulnerabilities reported by private-sector researchers. The VDP team tracks and analyzes reported vulnerabilities and mitigation actions by systems owners to identify gaps in DoDIn defenses; areas requiring increased attention, and areas for improvement.
The Information Assurance/Vulnerability Report Analyst is responsible for reviewing and triaging incoming vulnerability reports and routing reports to through the appropriate validation process. Supports network system vulnerability assessments, audits, and related studies conducted in the agency environment; communicating and interacting effectively with external vulnerability researchers, system and network administrators, system owners, JFHQ-DoDIN, peers and leadership.
EDUCATION & EXPERIENCE:
Typically requires a bachelor's degree or equivalent and two to four years of related experience.
- Sufficient technical understanding of software and web applications security and vulnerabilities to review vulnerability reports and communicate effectively
- Demonstrated ability to recognize, interpret, and communicate in information assurance vulnerability management (IAVM), Risk Management Framework (RMF), and security technical implementation guides (STIGs)
- Knowledge of current DoD cyber security challenges and threats
- Knowledge of current DoD cyber security organizations and processes
- Strong verbal and written communication skills; ability to produce as well as provide expert review of accurate and timely technical reports for release to external customers
- Flexibility to adapt to dynamic work environment to meet organizational requirements
- Superior organizational skills to analyze, develop, and deliver detailed reports to meet short suspense windows
- Certifications (any): CISSP, CEH, GCIH, Network+, Security+, A+, CCNA
- Strong attention to detail and ability to prepare documents for customer review
Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.