Cybersecurity Reviewer / Research Analyst

at  Peraton

ABOUT PERATON

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

QUALIFICATIONS

Required:

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD, Will consider HS with 12 years of experience with no degree.
• Must be able to formulate and apply optimizing methods to develop and interpret information that assists in decision making and policy formulation
• Must have experience in collecting, analyzing, and assessing data in order to provide formal feedback. Specifically, able to analyze organization’s cyber defense policies and configurations and evaluate compliance with regulations and organizational directives (i.e., analysis of mitigations)
• Cross-certified in multiple related technology areas in order to conduct reviews of network vulnerability scan, virtual infrastructure, cloud, and other related areas
• Able to analyze organization’s cyber defense policies and configurations and evaluate compliance with regulations and organizational directives (i.e., analysis of mitigations)
• Familiare wih the following areas:
• Boundary Security (i.e., Firewalls, Network Device Management (NDM) policies, and any boundary technology)
• Network Infrastructure (i.e., Firewalls, Routers, Switches, NDM, policies, and network infrastructure)
• Domain Name System (DNS)
• Exchange Server
• Network Vulnerability Scan
• Traditional Security
• Releasable Review
• Virtual Infrastructure and Environments
• Cross Domain Solution (CDS) (Administrative and Limited Technical Review)
• Endpoint Security Solutions
• Mobility (Wireless, Wireless Discovery, 802.11, BlackBerry Enterprise Server (BES), BlackBerry Handheld, etc.)
• Voice and Video over IP (VVOIP)
• Database (Oracle, SQL, or any other database)
• Windows Infrastructure
• UNIX Infrastructure (includes all systems based on UNIX)
• Web Review (i.e., services, servers, etc.)
• Technology not specifically assigned above using SRGs, STIGs, or best practices utilizing the most appropriate certified technology area.
• Current DOD 8140/8570 IAT Level II certification
• Current DOD 8140/8570 IAM Level II certification
• Active TS/SCI clearance
• Travel is expected to worldwide locations. Travel will be conducted in accordance with the Task Order guidelines.

Peraton seeks a Red Team Cybersecurity Reviewer to provide information assurance expertise in the conduct of DODIN cybersecurity reviews on site at CONUS, OCONUS, and DOD mission partner locations.
Location: Fort Meade, MD and/or Chamberburg, PA.

Tasks include:

• Provide expertise in current version of Vulnerability Scan Procedures Guide and any official correspondence sent via electronic transmission or verbal meetings to conduct scans.
• Conduct standard internal network scans, from the premise router inward while ensure scanning of all site-managed network spaces.
• Perform technical Security Readiness Reviews (SRR)
• Conduct assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy
• Assist in developing EXSUMs/ Briefings/Reports
• Maintain cybersecurity vulnerability review, inspection, and audit SOPs, TTPs, checklists, and guides
• Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions