Camber Corporation Senior Cybersecurity Vulnerability Specialist 16086 in Washington, District Of Columbia

Description

Overview:

Huntington Ingalls Industry (HII) has an opportunity for a dynamic and collaborative Senior Cybersecurity Vulnerability Specialist to join our team. The chosen candidate will be a member of our team supporting the Administrative Office of the U.S. Courts (the AO) Information Technology Security Office (ITSO). As a team member, the Senior Cybersecurity Vulnerability Specialist will work collaboratively with federal and contractor staff to ensure the security assessment needs of national program offices is met in a timely, compelling, factually accurate, and comprehensive manner.

Responsibilities:

The Senior Cybersecurity Vulnerability Specialist will use web security inspection tools to perform security testing of production web application servers. The chosen candidate will perform web-based vulnerability testing with tools on production systems that are upgraded or coming online. Once the vulnerability tools are run, candidates will be required to analyze results and write reports based on their findings and follow up with systems owners about the results of the tests.

Specifically, the candidate will:

  • Perform security testing activities that include vulnerability discovery and risk analysis, which includes recommendations for risk mitigation.Perform security testing of IT assets that are in a pre-production or pre-deployment capacity, such as web applications, infrastructure assets and technologies, mobile applications, custom developed software implementations, virtual technologies, and common application platforms.

  • Conduct kickoff meetings and exit briefings

  • Meet with business owners to respond to ad-hoc questions, test findings, or other IT security related concerns

  • Prepare technical responses to security questions

  • Develop content for security articles, Electronic Learning Modules, IT Security Resource Packets, Configuration Guides, and IT brochures.

  • Actively participate in team activities, to include recurring team meetings and process improvement discussions.

  • Develop and present vulnerability and security testing demonstrations for business owners and team members.

Required Qualifications:

  • Bachelor’s Degree and 6 years of IT experience (or High School Diploma and 12 years of IT experience).

  • At least 6 years of experience in cybersecurity management, operational, and/or technical activities.

  • At least 4 years of experience with the National Institute of Standards (NIST) cybersecurity standards and best practices.

  • Candidates should understand how the testing directly correlates to the Federal Risk Management Framework (RMF) or the Judiciary Information Security Framework (JISF).

  • Candidates must be able to interpret testing results/categories back to the NIST/RMF framework and provide a non-technical brief to system owners.

  • At least 2 years conducting IT security testing in a business environment.Understanding of IT security testing and appropriate tools.

  • Knowledge of potential vulnerabilities and threats to existing web applications, databases, and operating system technologies.

  • Knowledge of cybersecurity standards including the Open Web Application Security Project (OWASP) Application Security Verification Standard and security testing tools.

  • Capable of performing security testing of Judiciary IT assets, gathering and aggregating testing data for trend analysis, developing and maintaining documentation to support the testing process, and actively working to ensure the testing process matures in-line with industry and Judiciary requirements and expectations.

  • Attention to detail.

  • Possesses one of the following industry-recognized cybersecurity certifications:

  • GIAC Certified Incident Handler (GCIH),

  • Offensive Security Certified Professional (OSCP),

  • GIAC Penetration Tester (GPEN),

  • GIAC Web Application Penetration Tester (GWAPT),

  • Offensive Security Web Expert (OSWE), or

  • Certified Ethical Hacker (CEH) Preferred Qualifications:

  • Attending/attended a cybersecurity program at a college/university.

About Us

Camber Corporation is part of the Integrated Mission Solutions Group of HII’s Technical Solutions division. Integrated Mission Solutions Group is a leading provider of Agile Software Engineering and Information Technology solutions; All Hazards services; Modeling, Simulation, and Training solutions and services; Unmanned Systems support; Intelligence Analysis and Operations; and Engineering and Management services to Department of Defense, Federal, and commercial customers.

Integrated Mission Solutions Group (Camber), a subsidiary of Huntington Ingalls Industries, Inc. (HII) is headquartered in Huntsville, AL. From Camber’s founding in 1990, we have grown to 32 offices, positioned to provide responsive support to our customers across the United States. We deploy personnel to support our customers globally, including many locations in Asia, Africa, and Europe, providing daily interface on technical, programmatic, and operations issues. Overall, more than 1,600 Camber professionals deliver ISO 9001:2008-certified and CMMI ML3 high-value solutions to customers worldwide.

Camber Corporation is an Equal Opportunity Employer EOE/AA Minorities/Females/Veterans/Disabled