Cybersecurity Engineer

Job Description

  • Translate complex technical findings into actionable insights, work closely with security operations, engineering, and development teams to drive remediation efforts, and continuously enhance our security posture through proactive validation
  • Support the Cyber Infrastructure Support Team with Operations & Sustainment (O&S) activities associated with all ASV systems within the MDA environment
  • Administer, configure, and maintain the automated security validation platform (e.g., AttackIQ, Cymulate, Picus, SafeBreach, Mandiant Advantage)
  • Troubleshoot and resolve any issues related to platform functionality, agents, or integrations
  • Execute automated validation campaigns across various environments (e.g., endpoints, networks, cloud, applications)
  • Continuously research and incorporate new attack techniques and threat intelligence into validation efforts
  • Generate comprehensive reports, dashboards, and metrics on security control effectiveness and posture
  • Communicate findings, risks, and recommended remediations to technical and non-technical stakeholders
  • Integrate the security validation platform with existing security tools (SIEM, EDR, SOAR, CMDB, Vulnerability Management, Ticketing Systems) via APIs or other mechanisms
  • Proactively identify opportunities to enhance the effectiveness and efficiency of the security validation program
  • Maintain detailed documentation of platform configurations, test plans, and procedures
  • Other duties as assigned

Requirements

Education/Training:

  • Bachelor’s Degree in management or other relevant discipline required
  • Bachelor’s Degree in engineering or other relevant discipline preferred
  • Current DoD 8570 Level II Certification (e.g., CompTIA Security+ CE) required
  • Advanced certifications such as OSCP, CySA+, PenTest+, CEH preferred

Experience:

  • 5+ years of experience in cybersecurity-related roles, including security operations, vulnerability management, penetration testing, or red teaming
  • Experience with network protocols, operating systems (Windows, Linux), cloud environments (AWS, Azure, GCP), and common enterprise architectures required

Preferred Experience:

  • Proficiency in at least one scripting language (e.g., Python, PowerShell) for automation and API integration
  • Knowledge of common attack techniques, exploitation methods, and adversary tactics, techniques, and procedures (TTPs)
  • Experience with the MITRE ATT&CK framework and its application in security testing and validation
  • Familiarity with various security controls (e.g., EDR, SIEM, Firewalls, IDS/IPS, DLP, WAF) and how to test their effectiveness
  • Familiarity with the MDA and BMDS programs

Security:

  • Must be a US citizen
  • Candidate must be in possession of a minimum DoD-issued Secret Clearance

Physical Requirements:

  • Able to occasionally reach with hands and arms
  • Prolonged periods of computer screen use, while sitting or standing at a desk
  • Adhere to safety protocols when in work areas requiring use of PPE (e.g., eyewear, gloves, masks, hearing protection, steel-toed shoes)
  • Able to safely lift and carry up to 20 pounds at a time

Benefits

  • Health Care Plan (Medical, Dental & Vision)
  • Retirement Plan (401k, IRA)
  • Life Insurance (Basic, Voluntary & AD&D)
  • Paid Time Off (Vacation, Sick & Public Holidays)
  • Short Term & Long Term Disability
  • Training & Development
  • Wellness Resources

Salary: $130,000 - $140,000

Salary rates for this position are competitive and commensurate with experience and industry standards. We offer a comprehensive benefits package that may include health insurance, paid time off, and retirement savings options.

Location: Colorado Springs
Category: Technology