Tyto Athene is searching for a Vulnerability Assessment Team (VAT) Analyst Lead to support a law enforcement customer in Ashburn, VA. In this role, you will work closely with threat hunters, threat analysts, and an established SOC—playing a critical part in identifying, assessing, and mitigating vulnerabilities as we hunt down and defend against the most advanced global threats. 

Responsibilities:

• Lead enterprise vulnerability assessment efforts and security testing activities.

• Perform vulnerability scanning and analysis across complex networks and systems.

• Provide clear, actionable remediation guidance and track remediation efforts to completion.

• Support the development, implementation, and maintenance of enterprise vulnerability management services and processes.

• Operate, configure, and optimize agency tools and technologies used for vulnerability testing, scanning, and threat identification.

• Review and update vulnerability management plans, policies, and documentation.

• Coordinate scanning schedules, scope, and requirements with stakeholders and system owners.

• Review, analyze, validate, and report vulnerability scan results and findings.

• Maintain a repository of vulnerability assessment tool and application issues; report issues to the Government VAT Team Lead and SSD Director.

• Apply Information Systems Security principles and relevant security methodologies across the vulnerability lifecycle.

• Assist with Application Security efforts, including secure configuration and vulnerability testing.

• Leverage understanding of Firewall Management and Advanced Threat Protection solutions.

• Apply expertise related to Access Control, Authorization, IDS/IPS, and protocol analysis.

• Ensure proper handling of sensitive and classified information protocol requirements.

• Ensure compliance with FISMA, NIST, and Risk Management Framework (RMF) standards.

Required:

• Minimum 5 years of experience performing enterprise vulnerability assessments.

• Strong background analyzing vulnerabilities and providing remediation instructions.

• Experience operating vulnerability scanning platforms and assessment tools.

• Knowledge of Application Security concepts and secure system implementation.

• Understanding of Firewall Management, ATP tools, access control, IDS/IPS, and protocol analysis.

• Familiarity with classified information handling requirements.

• Experience working in compliance-driven environments (FISMA, RMF, NIST).

• Strong analytical, communication, and reporting skills.

Desired:

• CISSP - Certified Information Systems Security Professional
• Certified Ethical Hacker (CEH) or one of the following: DoD 8570 IAT Level II or IAM Level I or CSSP Analyst / Incident Responder
• GCFA - GIAC Certified Forensic Analyst
• GCFE - GIAC Certified Forensic Examiner
• GREM - GIAC Reverse Engineering Malware
• GNFA - GIAC Network Forensic Analyst

Location:

• Ashburn, VA

Clearance:

• TS/SCI Clearance required

Compensation:

• Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.

Benefits:

• Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.