CPVA Infrastructure - Cloud with Security Clearance
Software Engineering Services is hiring for a Vulnerability Assessor in Infrastructure/Cloud in San Antonio, TX.
Please review the qualifications and contact us today! The candidate will be responsible for conducting vulnerability and compliance assessments on network infrastructure and cloud architectures to include, but not limited to scanning these environments to identify active client, server and infrastructure devices such as routers, switches, firewalls, proxy servers, intrusion detection/prevention systems (IDS/IPS), fingerprint applications/operating systems, identify vulnerabilities, analyze results, manually verify findings to eliminate false positives or negatives, capture artifacts such as screen captures, etc.
, to provide evidence and artifacts for each exploitable vulnerability, etc.
Candidate must also be able to adequately tell the story of how vulnerability was exploited and what the overall impact would be to particular hosts or networks.
More specifically, the candidate will:
o Conduct vulnerability and compliance assessments on AF and DoD systems (i.
e.
, Microsoft Windows and UNIX based platforms) and network infrastructure/cloud architectures (i.
e.
, routers, switches, Voice over IP, etc.
)o Demonstrated understanding of Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) and employed/use of virtual private networks (VPNs)o Collaborate with cyber and security to ensure security controls are embedded into architectures/designs to be assessedo Create proof-of-concepts to demonstrate feasibility of new ideas/innovationso Demonstrated ability to read raw network device configuration and be able to identify and describe why a particular setting is erroneous without the assistance of automated toolso Remain abreast of emerging cloud technologies to provide input and knowledge on trends to support future customer missions/taskso Ability to map out a network and identify the location of discovered devices within the network/cloud architectureo Ability to methodically analyze problems and identify potential solutionso Ability to adequately explain, present, demonstrate when applicable and document the operational impact of a particular vulnerability or exploito Analyze and evaluate network and infrastructure diagrams for potential attack vectors; render sound cyber security remediation recommendations for items identifiedo Knowledgeable in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events o Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments o Exhibit good written and verbal skills, with an attention to detail and desire to deliver a quality product; additionally, an ability to render concise reports, summaries, and formal oral presentationso Demonstrate willingness and ability to mentor co-workers an share knowledge with internal customerso Ability to prioritize conflicting demands to arrange, address and resolve support issueso Travel up to 25% with trips encompassing 1-4 weeks in duration MINIMUM REQUIREMENTSo Meet DoD 8570 IAT Level 3 requirements (CASP
CE, CCNP Security, CISA, CISSP, GCED or GCIH) and have an active TS/SCI clearanceo Possess a cloud computing professional certification (AWS Solutions Architect, AWS DevOps Engineer, AWS Advanced Networking, or similar)o Obtain a CSSP-Auditor (C EH, CySA+, CISA or GSNA) certification within 6 months of hireo Willing to obtain a UNIX/Linux certification within 6 months of hireo Minimum bachelor's degree and 2 years' experience, associate degree with 4 years' experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science o Expertise with cross-functional requirements and interfaces for hardware, software and communications in a cloud computing environment (AWS, Azure) (5 years)o Experience in working with and in a network systems security environment with a focus on network administration and security (5 years)o Demonstrated understanding of virtualization technology and Docker containers (i.
e.
Hyper-V, VMware, Citrix, and VirtualBox)o Proficient in review and understanding of JSON and YAML languageso Demonstrated ability to employ NMAP, its associated options, and interpret resultso Demonstrated ability to apply Nessus/ACAS and SCC to scan environments and interpret the results; firm understanding of how to review, analyze and interpret DISA STIGso Interest in research to stay abreast of future direction and trends for cloud technologies o Self-motivated with minimal supervision o Must complete customer pre-screen, skills assessment lab, pass customer training and certification program and remain mission ready qualified PREFERRED REQUIREMENTS IN ADDITION TO THE AFOREMENTIONEDo Analytical with the ability to understand and implement customer objectives o Familiarity with NIST, RMF, DISA STIGs and experience in conducting DoD vulnerability and compliance assessmentso Experience or familiarity with military operations highly desirable Recommended Skills Applied Science Architecture Assessments Attention To Detail Auditing Certified Information Security Manager Estimated Salary: $20 to $28 per hour based on qualifications.
Please review the qualifications and contact us today! The candidate will be responsible for conducting vulnerability and compliance assessments on network infrastructure and cloud architectures to include, but not limited to scanning these environments to identify active client, server and infrastructure devices such as routers, switches, firewalls, proxy servers, intrusion detection/prevention systems (IDS/IPS), fingerprint applications/operating systems, identify vulnerabilities, analyze results, manually verify findings to eliminate false positives or negatives, capture artifacts such as screen captures, etc.
, to provide evidence and artifacts for each exploitable vulnerability, etc.
Candidate must also be able to adequately tell the story of how vulnerability was exploited and what the overall impact would be to particular hosts or networks.
More specifically, the candidate will:
o Conduct vulnerability and compliance assessments on AF and DoD systems (i.
e.
, Microsoft Windows and UNIX based platforms) and network infrastructure/cloud architectures (i.
e.
, routers, switches, Voice over IP, etc.
)o Demonstrated understanding of Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) and employed/use of virtual private networks (VPNs)o Collaborate with cyber and security to ensure security controls are embedded into architectures/designs to be assessedo Create proof-of-concepts to demonstrate feasibility of new ideas/innovationso Demonstrated ability to read raw network device configuration and be able to identify and describe why a particular setting is erroneous without the assistance of automated toolso Remain abreast of emerging cloud technologies to provide input and knowledge on trends to support future customer missions/taskso Ability to map out a network and identify the location of discovered devices within the network/cloud architectureo Ability to methodically analyze problems and identify potential solutionso Ability to adequately explain, present, demonstrate when applicable and document the operational impact of a particular vulnerability or exploito Analyze and evaluate network and infrastructure diagrams for potential attack vectors; render sound cyber security remediation recommendations for items identifiedo Knowledgeable in common cyber threat terminology, methodologies, possess basic understanding of cyber incident and response, and related current events o Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments o Exhibit good written and verbal skills, with an attention to detail and desire to deliver a quality product; additionally, an ability to render concise reports, summaries, and formal oral presentationso Demonstrate willingness and ability to mentor co-workers an share knowledge with internal customerso Ability to prioritize conflicting demands to arrange, address and resolve support issueso Travel up to 25% with trips encompassing 1-4 weeks in duration MINIMUM REQUIREMENTSo Meet DoD 8570 IAT Level 3 requirements (CASP
CE, CCNP Security, CISA, CISSP, GCED or GCIH) and have an active TS/SCI clearanceo Possess a cloud computing professional certification (AWS Solutions Architect, AWS DevOps Engineer, AWS Advanced Networking, or similar)o Obtain a CSSP-Auditor (C EH, CySA+, CISA or GSNA) certification within 6 months of hireo Willing to obtain a UNIX/Linux certification within 6 months of hireo Minimum bachelor's degree and 2 years' experience, associate degree with 4 years' experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science o Expertise with cross-functional requirements and interfaces for hardware, software and communications in a cloud computing environment (AWS, Azure) (5 years)o Experience in working with and in a network systems security environment with a focus on network administration and security (5 years)o Demonstrated understanding of virtualization technology and Docker containers (i.
e.
Hyper-V, VMware, Citrix, and VirtualBox)o Proficient in review and understanding of JSON and YAML languageso Demonstrated ability to employ NMAP, its associated options, and interpret resultso Demonstrated ability to apply Nessus/ACAS and SCC to scan environments and interpret the results; firm understanding of how to review, analyze and interpret DISA STIGso Interest in research to stay abreast of future direction and trends for cloud technologies o Self-motivated with minimal supervision o Must complete customer pre-screen, skills assessment lab, pass customer training and certification program and remain mission ready qualified PREFERRED REQUIREMENTS IN ADDITION TO THE AFOREMENTIONEDo Analytical with the ability to understand and implement customer objectives o Familiarity with NIST, RMF, DISA STIGs and experience in conducting DoD vulnerability and compliance assessmentso Experience or familiarity with military operations highly desirable Recommended Skills Applied Science Architecture Assessments Attention To Detail Auditing Certified Information Security Manager Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
