The Cyber and SIGINT Solution Ops under Defense and Intelligence Sector of Leidos has a career opportunity for a Vulnerability Researcher Analyst with a TS/SCI with polygraph clearance in Annapolis Junction, Maryland.
SUMMARY: Do you enjoy being a part of small teams that work closely with the customer? Does vulnerability analysis pique your interest? Our Prototype Development Support program is looking for candidates with a strong mission. Someone who can figure out smarter, better ways to discover new targets or support mission analysis.
PRIMARY RESPONSIBILITIES: Looking for an exciting opportunity? We are seeking a motivated individual to work in a dynamic environment providing vulnerability assessments and mitigations on a variety of emerging technologies. The work will leverage your ability to deconstruct and tear-down a variety of hardware and software, focusing on a new device/technology approximately every 30 days. The candidate must be a self-starter with the ability to take initiative in the work.
The Vulnerability Analysts identify vulnerabilities and attacks to the design and operation of a system. They compare and contrast various system attack techniques and develop effective defensive mitigations. Additionally, System Vulnerability Analysts produce formal and informal reports, briefings, and perspectives of actual and potential attacks against the systems or missions being studied.
EDUCATION & EXPERIENCE:
- Requires BS degree and 12 - 15 years of prior relevant experience.
- 10-18 years of general experience as a systems analyst.
- 5+ of experience in systems analysis, engineering design, and communications applications on complex information systems, database management, or the use of high-level programming languages.
The optimal candidate is someone with strong problem-solving, analytical, communication and interpersonal skills and who has knowledge or experience in several of the following areas:
- defending against and/or mitigating system vulnerabilities, including at the infrastructure, host and enterprise levels
- intrusion detection and incident response
- network operating systems and network data/traffic analysis
- scripting languages (e.g., PowerShell, Python)
- software reverse engineering
- vulnerability detection and analysis
- packet analysis
- malicious code analysis
- Experience performing open source research & vulnerability analysis
- Experience with reverse engineering
- Experience with disassembly of HW
- Experience using tools to extract & analyze firmware or software
- Experience using commercial off the shelf (COTS), and free open source (FOS) debugging and analyzer tools
- Ability to analyze network and IoT technologies for vulnerabilities
- Experience with network protocol analysis
- Experience developing documentation and reports (analysis reports, test reports, etc.)