Leidos hiring for Vulnerability Analyst jobs in Huntsville, AL, US
Description
Leidos is seeking a Vulnerability Analyst to join an assessment team that provides cyber vulnerability and threat analysis. The ideal candidate will have a strong background in cyber vulnerability analysis, system architecture reviews, and documentation reviews. They will also possess the ability to analyze both open and closed-source intelligence to determine potential cyber threat TTPS, attack vectors, and risks to systems of various size and complexity. The Vulnerability Analyst will be responsible for providing recommendations for mitigation to protect customer systems and data from cyber threats.
Primary Responsibilities:
- Conduct cyber vulnerability analysis to identify and assess potential vulnerabilities in various systems and networks.
- Perform system architecture reviews to understand the system's infrastructure and identify potential security gaps.
- Review documentation related to system configurations, security policies, and procedures to ensure compliance with regulatory requirements, best practices, and industry standards.
- Analyze both open and closed-source intelligence to identify potential cyber threat attack vectors and risks.
- Develop and implement strategies for mitigating cyber threats, including recommending security controls, countermeasures, and alternative courses of action.
- Producing high quality technical and non-technical products, briefings, whitepapers, etc., with emphasis on effective/accurate reporting to improve the security posture of the customer system.
- Maintain a comprehensive understanding of the cyber threat landscape, situational awareness of emerging threats, zero days, vulnerabilities and other threats against customer systems, networks, and assets including identifying and analyzing cyber threats actors and/or activities.
- Communicate findings and recommendations to technical and non-technical stakeholders in a clear and concise manner.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or related field with a focus on vulnerability analysis and risk assessment and four (4) years prior relevant experience. Additional years of experience and cyber certifications may be considered in lieu of a degree.
- Strong understanding of system architecture, networking, and security principles.
- Prior experience with Threat Modeling
- Experience with cybersecurity tools and technologies, such as vulnerability scanners, network mapping, threat tooling, etc.
- Knowledge of cybersecurity frameworks, such as NIST, ISO, and CIS.
- Must have a strong understanding of the Cyber Kill Chain methodology.
- Excellent analytical and problem-solving skills.
- Strong written and verbal communication skills.
- Relevant certifications, such as CEH, Pentest+, GPEN, CISSP, etc. are a plus.
Candidates must be a resident of the North Alabama area or willing to relocate to the Huntsville - North Alabama, AL area
Desired Skills:
- Four (4) years of hands-on experience with experience in the last two (2) years that includes cyber threat, vulnerability, and risk assessment.
- Prior experience with DoD systems or working in DoD environments
- Previous experience researching and developing various cyber threat actor Tactics, Techniques, and Procedures (TTPs).
- Extensive Knowledge of the MITRE ATT&CK and D3FEND Frameworks.
- Experience in Threat Modeling using frameworks such as STRIDE, PASTA, DREAD, etc.
- A current DoD security clearance is highly desired
Security Requirements:
Candidate must be a US Citizen and possess (and be able to maintain) a Final Top Secret/SSBI Clearance or meet the eligibility to obtain (and maintain) a Final Top Secret Clearance.
Original Posting Date:2024-03-11
While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:Pay Range $81,250.00 - $146,875.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.