Boundary Assessment Team Analyst with Security Clearance

---

Job description

BreakPoint Labs is seeking a Boundary Assessment Team Analyst. This position is remote. The position will be responsible for the following: - Perform remote threat assessments of 40 service delivery points a year and provide a written report of findings and provide recommended remediation to new DREN and SDREN RDT&E customers.
- The goal of the remote threat assessments is to enumerate exploitable flaws from the Internet's perspective without causing impact to the target systems.
- Validate the customer attack surface utilizing industry known best practices for defending network terrain for DoD key task areas such as VPNs and Public Facing Websites.
- Assess cybersecurity capabilities through validating and testing the functionality of ACAS, HBSS, IDS, etc. and reporting findings for tracking and closure.
- Assessments will coordinate and identify security flaws and issues identified with the DoD Bug Bounty program.
- The BAT will follow a formal testing methodology with documented procedures to test systems vulnerabilities and misconfigurations, in order to maximize their reliability in the face of a cyber-attack.
- Prepare technical assessment reports for cybersecurity personnel and system administrators, and conduct formal briefings for effective communication of system analysis results to leadership. Required Experience: - Bachelor's Degree and five (5) years Information Assurance (IA) or related experience.
- Certified as an IAT-II (CISSP, CASP CE, CISA, etc.) within 60 days of hire.
- Certified as OSCP (Strongly Preferred)
- Certified as GWAPT, GPEN (Preferred)
- Knowledge of vulnerability scanning and testing tools (Nmap, ACAS/Nessus/SecurityCenter, Burp Suite Professional, Acunetix, Metasploit, EyeWitness, Whatweb, SQLMap, Shodan, Censys.io, and other tools as deemed appropriate for the mission.
- Knowledge of common DoD Cybersecurity Technologies (ACAS, HBSS, IDS, etc.)
- Ability to adapt to new testing Techniques, Tactics, and Procedures (TTPs) associated with realistic threats to improve vulnerability findings.
- Understanding of common attacker TTPs in order to perform threat analysis during assessments.
- Experience performing manual and automated DoD STIG compliance auditing on multiple technologies (Ex: Operating Systems, Web Applications, Databases, Etc.)
- Experience troubleshooting and understanding vulnerability scanning and testing tools and manual testing techniques to determine vulnerability findings that are missed. Certifications Required: Security+ Continuing Education (CE) AND CompTIA Certified Ethical Hacker (CEH) EC-Council Security Clearance Required: Secret
Education Level Required: Bachelor's Degree in the Area(s) of Study Computer Science, Information Technology

<!– job description page –>