Apply Now    

Information Assurance/Vulnerability Assessment Analyst

Req #: 136258
Location: Linthicum, MD US
Job Category: Information Technology
Security Clearance: Secret
Clearance Status: Must Be Current

Job Description

Summary:  CACI is in search of a Information Assurance/Vulnerability Assessment Analyst. The Information Assurance/Vulnerability Assessment Analyst will provide technical support to the DoD Vulnerability Disclosure Program (VDP) for the Defense Cyber Crime Center (DC3).  These activities directly support the mission to improve defense of the DoD Information Network (DoDIN), by receiving, validating, and disseminating cybersecurity vulnerabilities reported by private-sector researchers. 
Duties and Responsibilities:
- The Information Assurance/Vulnerability Assessment Analyst tracks and analyzes reported vulnerabilities and mitigation actions by systems owners to identify gaps in DoDIn defenses; areas requiring increased attention, and areas for improvement.  This position performs technical validation and initial severity assessment of externally-reported web security vulnerabilities

EDUCATION & EXPERIENCE: Typically requires a bachelor's degree or equivalent and five to seven years of related experience.
- 13 years of professional experience without a degree; or 5 years of professional experience with a Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education; or 3 years of professional experience with a related Master's degree; or no experience required with a related PhD or JD. Consideration should always be given for the level of specific domain expertise

Required Qualifications:
- Technical understanding of software and web application security (e.g., security headers, TLS configuration, secure design and coding practices) and vulnerabilities (e.g. XSS, SQLi, XXE, injection and inclusion)

- Demonstrated technical ability to validate web vulnerabilities on live DoD web properties using manual techniques and common tools

- Demonstrated ability to recognize, interpret, and communicate in information assurance vulnerability management (IAVM), Risk Management Framework (RMF), and security technical implementation guides (STIGs)

- Demonstrated knowledge of various software testing methodologies, test case creation and the reporting process

- Knowledge of current DoD cyber security challenges and threats

- Knowledge of common web application architecture and programming techniques, including common languages (e.g., JavaScript, PHP, SQL)

- Strong verbal and written communication skills; ability to provide expert review of accurate and timely technical reports for release to external customers

- Flexibility to adapt to dynamic work environment to meet organizational requirements

- Ability to use sound judgement when conducting live testing to avoid or minimize impact to production services and data

- Superior organizational skills to analyze, develop, and deliver detailed reports to meet short suspense windows

- Certifications (any): CISSP, CEH, GCIH, Network+, Security+, A+, CCNA

Desired Qualifications:
- Certifications (any): CISSP, CEH, GCIH, Network+, Security+, A+, CCNA

- Strong attention to detail and ability to prepare documents for customer review

Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.

Job Location



CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.

Apply Now    
Link for schema