Bravura Inc.
Vulnerability and Application Scanning Lead
Bravura Inc., Frankfort, Kentucky, United States,
Role : Vulnerability and Application Scanning Lead
Location : Fort Knox, KY
Education/Certifications : MA/MS; IAT Level III; Computing Environment Certifications
Years of Experience : 10+
Clearance
Level & Investigation : TS/SCI
Job
Description :
Serves as Vulnerability and Application Scanning Lead. Must possess experience performing correlation and scanning of application code (Java, .Net, etc.) with Government-provided tools and other prescribed Cybersecurity tools to analyze risk and assess compliance across all systems, applications, and authorization boundaries.
Provides mitigation and remediation strategies to application developers to address vulnerabilities in code.
Leads and participates in evaluation and analysis of complex malicious code through utilization of tools, including dissemblers, debuggers, hex editors, un-packers, virtual machines, and network sniffers.
Provides findings in technical reports with details of malware, identification parameters, advanced capabilities, and mitigation strategies.
Conducts research on malicious software, vulnerabilities, and exploitation tactics.
Qualifications:
Requires experience with application security, network security, reverse engineering, or malware.
Requires strong knowledge of worms, viruses, Trojans, rootkits, botnets, Windows internals, and the Win32 APL.
Must have extensive experience required in programming (assembly and web) and system analysis with various tools, including IDA Pro, Ollydbg, PCAP tools, or TCP Dump.
Must be professionally certified, within a Computer Network Defense (CND) discipline, as Technical Level Ill as defined by DODI 8570.
TS/SCI clearance required as Incident Responder.
Specific Responsibilities
:
Perform enterprise-wide risk analysis and vulnerability assessments to assess the command security posture.
Coordinates and develops recommendations on Cybersecurity incident response, mitigation, remediation actions, or risk determination to protect command information systems from damage, destruction, or alteration IAW all required regulations and directives.
Provides recommendations and performs logging, correlation, and scanning with provided Government and Cybersecurity tools (Assured Compliance Assessment Solution (ACAS) and Army Endpoint Security System (AESS)).
Analyzes and correlates risk impact and compliance across all Customer systems, applications, and authorization boundaries.
Supports release management activities by analyzing results of static code scans and providing recommendations for remediation.
#J-18808-Ljbffr
Location : Fort Knox, KY
Education/Certifications : MA/MS; IAT Level III; Computing Environment Certifications
Years of Experience : 10+
Clearance
Level & Investigation : TS/SCI
Job
Description :
Serves as Vulnerability and Application Scanning Lead. Must possess experience performing correlation and scanning of application code (Java, .Net, etc.) with Government-provided tools and other prescribed Cybersecurity tools to analyze risk and assess compliance across all systems, applications, and authorization boundaries.
Provides mitigation and remediation strategies to application developers to address vulnerabilities in code.
Leads and participates in evaluation and analysis of complex malicious code through utilization of tools, including dissemblers, debuggers, hex editors, un-packers, virtual machines, and network sniffers.
Provides findings in technical reports with details of malware, identification parameters, advanced capabilities, and mitigation strategies.
Conducts research on malicious software, vulnerabilities, and exploitation tactics.
Qualifications:
Requires experience with application security, network security, reverse engineering, or malware.
Requires strong knowledge of worms, viruses, Trojans, rootkits, botnets, Windows internals, and the Win32 APL.
Must have extensive experience required in programming (assembly and web) and system analysis with various tools, including IDA Pro, Ollydbg, PCAP tools, or TCP Dump.
Must be professionally certified, within a Computer Network Defense (CND) discipline, as Technical Level Ill as defined by DODI 8570.
TS/SCI clearance required as Incident Responder.
Specific Responsibilities
:
Perform enterprise-wide risk analysis and vulnerability assessments to assess the command security posture.
Coordinates and develops recommendations on Cybersecurity incident response, mitigation, remediation actions, or risk determination to protect command information systems from damage, destruction, or alteration IAW all required regulations and directives.
Provides recommendations and performs logging, correlation, and scanning with provided Government and Cybersecurity tools (Assured Compliance Assessment Solution (ACAS) and Army Endpoint Security System (AESS)).
Analyzes and correlates risk impact and compliance across all Customer systems, applications, and authorization boundaries.
Supports release management activities by analyzing results of static code scans and providing recommendations for remediation.
#J-18808-Ljbffr