Camber Corporation Cybersecurity Vulnerability Specialist 16738 in Washington, District Of Columbia

Description

Huntington Ingalls Industries - Technical Solutions Division, Integrated Mission Solutions Group (Camber Corporation) provides mission-critical engineering and technical service to Information Technology, Federal Civilian, and National Security, Aerospace & Defense and International government and commercial customers at over 100 locations worldwide.

HII-TSD, Integrated Mission Solutions Group (Camber Corporation) is currently seeking a Senior Cybersecurity Vulnerability Specialist to work out of their Washington, DC office.

The following statements of duties and responsibilities are intended to describe the general nature and level of work being performed by individuals assigned to this position. These statements are not intended to be an exhaustive list of all duties and responsibilities required of all personnel within this position. Actual duties and responsibilities may vary depending upon assignments and other factors.

Duties and Responsibilities:

The Senior Cybersecurity Vulnerability Specialist will use web security inspection tools to perform security testing of production web application servers. The chosen candidate will perform web-based vulnerability testing with tools on production systems that are upgraded or coming online. Once the vulnerability tools are run, candidates will be required to analyze results and write reports based on their findings and follow up with systems owners about the results of the tests.

Specifically, the candidate will:

  • Perform security testing activities that include vulnerability discovery and risk analysis, which includes recommendations for risk mitigation.

  • Perform security testing of IT assets that are in a pre-production or pre-deployment capacity, such as web applications, infrastructure assets and technologies, mobile applications, custom developed software implementations, virtual technologies, and common application platforms.

  • Conduct kickoff meetings and exit briefings

  • Meet with business owners to respond to ad-hoc questions, test findings, or other IT security related concerns

  • Prepare technical responses to security questions

  • Develop content for security articles, Electronic Learning Modules, IT Security Resource Packets, Configuration Guides, and IT brochures.

  • Actively participate in team activities, to include recurring team meetings and process improvement discussions.

  • Develop and present vulnerability and security testing demonstrations for business owners and team members.

Qualifications and Experience:

Required-

  • Bachelor’s Degree and 6 years of IT experience (or High School Diploma and 12 years of IT experience).

  • At least 6 years of experience in cybersecurity management, operational, and/or technical activities.

  • At least 4 years of experience with the National Institute of Standards (NIST) cybersecurity standards and best practices.

  • Candidates should understand how the testing directly correlates to the Federal Risk Management Framework (RMF) or the Judiciary Information Security Framework (JISF).

  • Candidates must be able to interpret testing results/categories back to the NIST/RMF framework and provide a non-technical brief to system owners.

  • At least 2 years conducting IT security testing in a business environment.Understanding of IT security testing and appropriate tools.

  • Knowledge of potential vulnerabilities and threats to existing web applications, databases, and operating system technologies.

  • Knowledge of cybersecurity standards including the Open Web Application Security Project (OWASP) Application Security Verification Standard and security testing tools.

  • Capable of performing security testing of Judiciary IT assets, gathering and aggregating testing data for trend analysis, developing and maintaining documentation to support the testing process, and actively working to ensure the testing process matures in-line with industry and Judiciary requirements and expectations.

  • Attention to detail.

  • Possess one of the following industry-recognized cybersecurity certifications:

  • GIAC Certified Incident Handler (GCIH),

  • Offensive Security Certified Professional (OSCP),

  • GIAC Penetration Tester (GPEN),

  • GIAC Web Application Penetration Tester (GWAPT),

  • Offensive Security Web Expert (OSWE), or

  • Certified Ethical Hacker (CEH), Preferred-

  • Attending/attended a cybersecurity program at a college/university.

Security:

All candidates will be subject to a pre-employment background investigation and drug screening per HII requirements.

About Us

Camber Corporation is part of the Integrated Mission Solutions Group of HII’s Technical Solutions division. Integrated Mission Solutions Group is a leading provider of Agile Software Engineering and Information Technology solutions; All Hazards services; Modeling, Simulation, and Training solutions and services; Unmanned Systems support; Intelligence Analysis and Operations; and Engineering and Management services to Department of Defense, Federal, and commercial customers.

Integrated Mission Solutions Group (Camber), a subsidiary of Huntington Ingalls Industries, Inc. (HII) is headquartered in Huntsville, AL. From Camber’s founding in 1990, we have grown to 32 offices, positioned to provide responsive support to our customers across the United States. We deploy personnel to support our customers globally, including many locations in Asia, Africa, and Europe, providing daily interface on technical, programmatic, and operations issues. Overall, more than 1,600 Camber professionals deliver ISO 9001:2008-certified and CMMI ML3 high-value solutions to customers worldwide.

Camber Corporation is an Equal Opportunity Employer EOE/AA Minorities/Females/Veterans/Disabled