Return to Job Search
BA 380 vulnerability management (Senior) Remote Nov 5, 2020
Linthicum Heights, MD  
Senior -Remote
Required Skills:
• Expert technical understanding of software and web
application security and common vulnerabilities (CWE, CVE)
• Demonstrated technical ability to validate web
vulnerabilities on live DoD web properties using manual
techniques and common tools
• Demonstrated ability to recognize, interpret, and
communicate in information assurance vulnerability management
(IAVM), Risk Management Framework (RMF), and security
technical implementation guides (STIGs)
• Demonstrated knowledge of various software testing
methodologies, test case creation and the reporting process
• Knowledge of current DoD cyber security challenges and
• Knowledge of common web application architecture and
programming techniques, including common languages (e.g.,
JavaScript, PHP, SQL)
• Familiar with Layer 2/3 network and security appliance
capabilities; familiar with TCP/IP protocol stack
• Strong verbal and written communication skills; ability to
provide expert review of accurate and timely technical
reports for release to external customers
• Flexibility to adapt to dynamic work environment to meet
organizational requirements
• Ability to use sound judgement when conducting live testing
to avoid or minimize impact to production services and data
• Superior organizational skills to analyze, develop, and
deliver detailed reports to meet short suspense windows
• Aware of industry trends; IoT, ICS/SCADA, containerization
technologies, Dev-Sec-Ops
• Certifications (any): CEH, GCIH, Security+, CCNA Cyber Ops,

Desired Skills:
• Certifications (any): CEH, GCIH, Security+, CCNA Cyber Ops,
• Strong attention to detail and ability to prepare documents
for customer review
The Vulnerability Management Team member will provide
technical support to the DoD Vulnerability Disclosure Program
(VDP) for the Defense Cyber Crime Center (DC3). These
activities directly support the mission to improve defense of
the DoD Information Network (DoDIN), by receiving,
validating, and disseminating cybersecurity vulnerabilities
reported by private-sector researchers. The VDP team tracks
and analyzes reported vulnerabilities and mitigation actions
by systems owners to identify gaps in DoDIn defenses; areas
requiring increased attention, and areas for improvement.

This position performs technical validation and initial
severity assessment of externally-reported web security

Alliant LCAT Description: Possesses and applies expertise on
multiple complex work assignments. Assignments may be broad
in nature, requiring originality and innovation in
determining how to accomplish tasks. Operates with
appreciable latitude in developing methodology and presenting
solutions to problems. Contributes to deliverables and
performance metrics where applicable.
Suggested Qualifications: 13 years of professional experience
without a degree; or 5 years of professional experience with
a Bachelors degree from an accredited college in a related
discipline, or equivalent experience/combined education; or 3
years of professional experience with a related Masters
degree; or no experience required with a related PhD or JD.
Consideration should always be given for the level of
specific domain expertise.
If you have previously submitted your resume input your login and password and click apply.
Click here if you are applying for the first time.