AT&T Cyber Security/Incident Response/Web Risk Analyst (Government) in Norfolk, Virginia

Seeking experienced Cybersecurity and Incident Response Operations Analyst to provide technical support, assistance, and training for unique tactics, techniques, and procedures (TTP) and information technology required to support Web Risk Assessment (WRA), part of the Navy’s Cyber Red Teaming mission. This position will involve participation in annual, crisis, and other Web Risk Assessments and annual cyber analysis studies and may include additional requirements such as incident response threat validation and reporting, incident and threat coordination and communication, participation in the development of cyber analysis growth and improvement opportunities and advisory boards, extensive writing and briefing opportunities, certification and accreditation activities

Candidate must have a minimum of five (5) years of experience in providing highly technical subject matter expertise (SME) and expert guidance to government personnel in the execution of WRA operations or penetration testing and demonstrated experience in at least five of the following areas:

  • Research various cyber actors’ TTPs, organizational structures, capabilities, personas, and environments, and integrate findings into penetration tests or web risk assessment operations

  • Demonstrated expertise with website scanning and exploitation tools such as HP WebInspect, Accunetix, Burp Suite, Core Impact, etc.

  • Exploitation of vulnerabilities associated with most common operating web hosting platforms (IIS, Apache, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.)

  • Demonstrated experience performing manual vulnerability testing of web application to include the OWASP Top 10

  • Understanding of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX

  • Understanding of various web application frameworks such as ASP.NET, J2EE, Zend

  • Web Server configuration knowledge: Microsoft IIS, Apache HTTP Server, Apache Tomcat

  • Development, modification, and utilization of network enumeration engines and Open Source Research (OSR) engines (i.e. Recon-ng, nmap, nessus)

  • Exploitation or vulnerability assessment of web-based scripting engines (javascript, coldfusion, ASP) and other mobile code

  • Plan and execute technical cyber assessments or penetration tests

  • Development and utilization of testing methodology for cloud-based and networked systems

  • Modification, testing and utilization of computer network attack and exploitation tools

  • Operational Risk Management (ORM) concepts and application

  • This task requires compliance with DOD Directive 8570 on IA Workforce training and certification (IAT Level II).

Required Clearance: TS/SCI (MANDATORY Current Active or will not qualify

Desired: The following qualifications are desired, but not required:

  • Design, build, and implement software, Cyber assessment tools, information assurance products, or computer security applications.

  • Write software/scripts in any of the following computer programming languages (C/C++, Ruby on Rails, Python, and Perl)

  • Computer network or system design and implementation

AT&T is an Affirmative Action/Equal Opportunity Employer and we are committed to hiring a diverse and talented workforce. EOE/AA/M/F/D/V

#LI-ME1