Vulnerability Analyst

Career Opportunities: Vulnerability Analyst (19322) Requisition ID 19322 -Posted - Technology - Level of Experience (3) - Travel - 30% or less - Job Location Options (1) Location: Oak Ridge, TN Job Title: Vulnerability Analyst Career Level From: Associate Career Level To: Senior Specialist Job Specialty: Cyber Security What You’ll Do The Vulnerability Analyst is responsible for analyzing key data streams and interpreting threats, vulnerabilities, impacts, and likelihood of asset exposure. The aggregation of ingested data informs analysis with key identifiers to generate a holistic view of the enterprise and provide recommended mitigations and/or remediation of possible exploitable assets. The analyst also assists Vulnerability and Compliance Assessment Management with cyber analysis to support requested exception requests. Responsible for cybersecurity assessment/analysis and provides recommendations for Enterprise level systems and applications designs. Involved in a wide range of cybersecurity areas, including system architectures, firewalls, inspection and analysis tools, encryption components and networking architectures. Involved in security reporting and analysis to regulatory agencies. Position Duties and Responsibilities Identify systemic security issues based on the analysis of vulnerability and configuration data. Share meaningful insights about the context of an organization’s threat environment that improve its risk management posture. Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, and non-repudiation). Host/network access control mechanisms (e.g., access control list, capabilities lists). Conduct vulnerability scans and recognize vulnerabilities in security systems. Assess robustness of security systems and designs. Detect host and network-based intrusions via intrusion detection technologies (e.g., Snort). Ability to mimic threat behaviors. Support penetration testing tools and techniques. Use social engineering techniques (e.g., phishing, baiting, tailgating, etc.). Support network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.). Review logs to identify evidence of past intrusions. Conduct application vulnerability assessments. Develop insights about the context of an organization’s threat environment. Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives. Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing. What You Can Expect Meaningful work and unique opportunities to support missions vital to national and global security Top-notch, dedicated colleagues Generous pay and benefits with a stable organization Career advancement and professional development programs Work-life balance fostered through flexible work options and wellness initiatives Bachelor’s degree in engineering/science/information technology discipline. Master’s degree in engineering/science/information technology discipline. Eight or more years of education and/or relevant experience may be considered to satisfy educational and years‑of‑experience requirements for this posting. Preferred Job Requirements Knowledge of computer networking concepts and protocols, and network security methodologies. Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy. Knowledge of cybersecurity threats and vulnerabilities. Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). Knowledge of cryptography and cryptographic key management concepts. Knowledge of cybersecurity specific operational impacts of cybersecurity lapses. Knowledge of cybersecurity application vulnerabilities. Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML). Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]). Knowledge of programming language structures and logic. Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross‑site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return‑oriented attacks, malicious code). Knowledge of systems diagnostic tools and fault identification techniques. Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities. Knowledge of different classes of attacks (e.g., passive, active, insider, close‑in, distribution attacks). Knowledge of system administration, network, and operating system hardening techniques. Knowledge of cyber‑attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense‑in‑depth). Knowledge of security models (e.g., Bell‑LaPadula model, Biba integrity model, Clark‑Wilson integrity model). Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems. Knowledge of packet‑level analysis using appropriate tools (e.g., Wireshark, tcpdump). Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. Knowledge of penetration testing principles, tools, and techniques. Knowledge of application Security Risks (e.g. Open Web Application Security Project Top 10 list). Notes The minimum education and experience for the lowest career level in the job posting range are listed under Minimum Job Requirements. Successful candidates hired into a higher career level than the minimum in the range must meet the requirements listed in the job leveling charts for the career level into which they are being hired. If a range of Career Levels is posted, i.e., Senior Associate to Senior Specialist, internal applicants already in one of the Career Levels would come across at their current Career Level. Internal applicants currently in a lower level Career Level would move to the lowest posted Career Level. Requires a Q clearance; however all qualified candidates will be considered regardless of their current clearance status. The ability to obtain and maintain a Department of Energy Q clearance is required. This position may require entry into the Material Access Areas (MAA) and participation in the Human Reliability Program (10 C.F.R. Part 712), which requires successful competition of a DOE counterintelligence evaluation and may include a counterintelligence‑scope polygraph examination. This position may be categorized as a “designated position” identified by 10 C.F.R. Part 709, requiring successful completion of a DOE counterintelligence evaluation that may include a counterintelligence‑scope polygraph examination. CNS is a drug‑free workplace. Candidates accepting a job offer will be required to pass a pre‑placement physical, drug screening and background investigation. As an employee, you may be required to receive and maintain a security clearance from the United States Department of Energy in order to meet eligibility requirements for access to sensitive information or matter. U.S. citizenship is a requirement for security clearance applicants. All employees are subject to being randomly selected for drug testing without advance notification. CNS is an equal opportunity employer. All qualified applicants will receive consideration for employment based on merit and without regard to race, color, religion, sex, sexual orientation, national origin, protected veteran status or disability. #J-18808-Ljbffr Consolidated Nuclear Security