Security Vulnerability Jobs (NOW HIRING)

They will assess each vulnerability for severity and assign an associated risk statement. The HackerOne Triage console tool will be utilized to assist in assigning and prioritizing reports. It will also assist the Analyst in helping identify duplicate submissions.

Valid reports will be written in a DoD approved format and sent to the Vulnerability Management Analyst team for system owner coordination and mitigation. The Vulnerability Analyst will be a VDP liaison with the hacker community. The Vulnerability Analyst will also: * Utilize offensive toolsets such as Kali Linux to safely analyze production networks and systems, documenting steps and procedures to produce usable vulnerability assessments for the customer.

* Identify and investigate vulnerabilities, asses exploit potential, and document findings and remedies for presentation to facilitate mitigations on customer systems. * Conduct web application vulnerability assessment testing using both automated tools and manual web exploitation techniques, using tools such as Burp Suite and open-source toolsets. * Utilize a variety of industry standard security tools to conduct automated scans against systems and applications.

* Develop and execute proof-of-concept exploits to demonstrate the real-world impact of identified vulnerabilities, utilizing various web exploitation methods. What You'll Bring * Bachelor's degree and 5+ years of experience; OR Master's Degree and 3+ years of experience. Bachelor's or Master's degree must be one of the following fields: Information Technology, Cybersecurity, Computer Science, Information Systems, Data Science, or Software Engineering.

In lieu of a degree in one of these fields, an additional 4 years of relevant experience or specialized training may be considered. * Active Secret Clearance required to start. * Active Security+ or equivalent Certification required to start.

* In-depth understanding of information security principles and practices. * Utilize MITRE ATT&CK, CVSS, and NIST frameworks to assess vulnerability severity and risk impact. * In-depth understanding of web exploitation concepts and techniques.

* Knowledge and understanding of the Open Web Application Security Project (OWASP) top 10. * Experience operating in a professional IT or cybersecurity environment. * Experience investigating security events, threats and/or vulnerabilities.

* Understand information security principles, technologies and practices. * Excellent customer service skills. Preferred * CEH, CCNA-Security, CySA+, OSCP (or equivalent), PenTest+ or similar certification a plus.

* Possess DoD 8570.01-M Information Assurance Technician (IAT) Level II Baseline Certification. * Completed multiple Hack-The-Box penetration testing labs and challenges, developing hands‑on expertise in vulnerability enumeration, exploitation, privilege escalation, and post‑exploitation techniques within realistic, adversarial environments. * An in-depth understanding of penetration testing methodology, including recon, exploit, persistence, etc.

* A solid understanding of networking protocols, their uses, and their potential misuses. * Programming experience in one or more languages, experience in HTLM/CSS or SQL. * Experience with one or more scripting languages such as PowerShell, Bash, Python or Perl.

Salary Range: $108,000 - $148,000 Our Approach At SecureStrux, we are committed to core values that guide the way we work with one another and our clients. As a team member, you will Create Team Synergy, Drive Continuous Innovation, Deliver with Integrity, and have the Freedom to Own it. Our thriving company culture supports our employees as they seek to grow with us!

What We Offer Between our virtual environment where you can evaluate recent technologies and enhance your skills, and a generous annual professional development stipend, you will join a team that enjoys working on leading-edge technologies for world-class clients. We offer a robust total compensation package that includes comprehensive health benefits to support you and your family, flexible time off, continuing education allowance, a donation allowance for charitable causes, profit sharing, and a matched 401k. Employment Types: Full-time Work Arrangements: On-site Locations: Maryland