|
Tharros is seeking a Cyber Security Vulnerability Researcher - Intermediate to conduct research into fundamental computer and information science in support of NAWCAD Cyber Warfare Division programs at NAS Patuxent River, MD. The CSVR conducts vulnerability discovery, exploitation development, and security assessment across weapons systems, enterprise networks, and embedded platforms. This position contributes to red team operations, cooperative vulnerability assessments, and the development of cyber threat emulation capabilities for the NAVAIR platform set.
- Conduct vulnerability assessments of systems, applications, and networks to identify security weaknesses and recommend remediation.
- Analyze system configurations, network traffic, and software components to identify potential vulnerabilities and security risks.
- Perform vulnerability validation, basic proof-of-concept testing, and support penetration testing activities under the guidance of senior team members.
- Assist with cyber assessments, security testing, and red team exercises to evaluate the effectiveness of security controls.
- Use industry-standard vulnerability scanning, assessment, and security testing tools to identify and document findings.
- Prepare technical reports that summarize vulnerabilities, risk levels, and recommended corrective actions.
- Support cyber test and evaluation activities by documenting results and assisting with security analysis.
- Collaborate with cybersecurity engineers, system administrators, and network teams to resolve identified security issues and strengthen system security.
- Research emerging cyber threats, vulnerabilities, and attacker techniques to support defensive security efforts.
- Maintain documentation, track remediation efforts, and ensure assessment activities align with established security standards and organizational policies.
- Active TS, SCI Eligible
- DCWF qualification: CSWF Code 111, 221, 461, 511, 531, 541, 612, or 622
- 3 years of experience performing vulnerability research, OR meets military equivalent OJT requirement
- Demonstrated experience with reverse engineering, binary analysis, and exploitation development
- Experience conducting vulnerability assessments in DoD classified environments
|