KIHOMAC
Responsibilities
- Translate complex technical findings into actionable insights, work closely with security operations, engineering, and development teams to drive remediation efforts, and continuously enhance our security posture through proactive validation
- Support the Cyber Infrastructure Support Team with Operations & Sustainment (O&S) activities associated with all ASV systems within the MDA environment
- Administer, configure, and maintain the automated security validation platform (e.g., AttackIQ, Cymulate, Picus, SafeBreach, Mandiant Advantage, etc.)
- Troubleshoot and resolve any issues related to platform functionality, agents, or integrations
- Execute automated validation campaigns across various environments (e.g., endpoints, networks, cloud, applications)
- Continuously research and incorporate new attack techniques and threat intelligence into validation efforts
- Generate comprehensive reports, dashboards, and metrics on security control effectiveness and posture
- Communicate findings, risks, and recommended remediations to technical and non-technical stakeholders
- Integrate the security validation platform with existing security tools (SIEM, EDR, SOAR, CMDB, Vulnerability Management, Ticketing Systems) via APIs or other mechanisms
- Proactively identify opportunities to enhance the effectiveness and efficiency of the security validation program
- Maintain detailed documentation of platform configurations, test plans, and procedures
- Other duties as assigned

Education/Training
- Bachelor's Degree in management or other relevant discipline required
- Bachelor's Degree in engineering or other relevant discipline preferred
- Current DoD 8570 Level II Certification (e.g., CompTIA Security+ CE) required
- Advanced certifications such as OSCP, CySA+, PenTest+, CEH preferred

Experience
- 5+ years of experience in cybersecurity-related roles to include: security operations, vulnerability management, penetration testing, or red teaming
- Experience with network protocols, operating systems (Windows, Linux), cloud environments (AWS, Azure, GCP), and common enterprise architectures required

Preferred Experience
- Proficiency in at least one scripting language (e.g., Python, PowerShell) for automation and API integration
- Knowledge of common attack techniques, exploitation methods, and adversary tactics, techniques, and procedures (TTPs)
- Experience with the MITRE ATT&CK framework and its application in security testing and validation
- Familiarity with various security controls (e.g., EDR, SIEM, Firewalls, IDS/IPS, DLP, WAF) and how to test their effectiveness
- Familiarity with the MDA and BMDS programs

Security
- Must be a US citizen
- Candidate must be in possession of a minimum DoD-issued Secret Clearance

Physical Requirements
- Able to occasionally reach with hands and arms
- Prolonged periods of computer screen use, while sitting or standing at a desk
- Adhere to safety protocols when in work areas requiring use of PPE (e.g., eyewear, gloves, masks, hearing protection, steel-toed shoes, etc.)
- Able to safely lift and carry up to 20 pounds at a time

Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Short Term & Long Term Disability
- Training & Development
- Wellness Resources

Salary
$130,000 - 140,000