×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Vulnerability Assessment Analyst

Job in Springfield, Fairfax County, Virginia, 22161, USA
Listing for: CALIBRE
Full Time position
Listed on 2026-01-01
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

Overview

CALIBRE is an employee-owned mission focused solutions and digital transformation company. We are currently seeking a Vulnerability Assessment Analyst to support work we are doing in Springfield, VA. This position will be on site. This position performs assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy.

Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Responsibilities
  • Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
  • Conduct and/or support authorized penetration testing on enterprise network assets.
  • Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.
  • Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
  • Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
  • Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews).
  • Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network UNCLASSIFIED 96 UNCLASSIFIED and infrastructure, enclave boundary, supporting infrastructure, and applications).
  • Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).
Required Skills
  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Skill in assessing the robustness of security systems and designs.
  • Skill in detecting host and network based intrusions via intrusion detection technologies (e.g., Snort).
  • Skill in mimicking threat behaviors.
  • Skill in the use of penetration testing tools and techniques.
  • Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
  • Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
  • Skill in reviewing logs to identify evidence of past intrusions.
  • Skill in conducting application vulnerability assessments.
  • Skill in performing impact/risk assessments.
  • Skill to develop insights about the context of an organization’s threat environment
  • Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • Ability to apply programming language structures (e.g., source code review) and logic.
  • Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Required Experience
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Knowledge of cybersecurity and privacy principles.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of specific operational impacts of cybersecurity lapses.
  • Knowledge of application vulnerabilities.
  • Knowledge of cryptography and cryptographic key management concepts
  • Knowledge of data backup and recovery.
  • Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search