Cyber Security/Incident Response/Web Risk Analyst (Government)

Full Time
Norfolk, VA
Areas of Interest: Incident Response
report a problem

What are you dreaming of doing with your career? 
Seeking experienced Cybersecurity and Incident Response Operations Analyst to provide technical support, assistance, and training for unique tactics, techniques, and procedures (TTP) and information technology required to support Web Risk Assessment (WRA), part of the Navy’s Cyber Red Teaming mission. This position will involve participation in annual, crisis, and other Web Risk Assessments and annual cyber analysis studies and may include additional requirements such as incident response threat validation and reporting, incident and threat coordination and communication, participation in the development of cyber analysis growth and improvement opportunities and advisory boards, extensive writing and briefing opportunities, certification and accreditation activities

 Candidate must have a minimum of five (5) years of experience in providing highly technical subject matter expertise (SME) and expert guidance to government personnel in the execution of WRA operations or penetration testing and demonstrated experience in at least five of the following areas: 

  • Research various cyber actors’ TTPs, organizational structures, capabilities, personas, and environments, and integrate findings into penetration tests or web risk assessment operations
  • Demonstrated expertise with website scanning and exploitation tools such as HP WebInspect, Accunetix, Burp Suite, Core Impact, etc.
  • Exploitation of vulnerabilities associated with most common operating web hosting platforms (IIS, Apache, etc.), protocols (HTTP, FTP, etc.), and network security services (PKI, HTTPS, etc.)
  • Demonstrated experience performing manual vulnerability testing of web application to include the OWASP Top 10
  • Understanding of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX 
  • Understanding of various web application frameworks such as ASP.NET, J2EE, Zend
  • Web Server configuration knowledge: Microsoft IIS, Apache HTTP Server, Apache Tomcat
  • Development, modification, and utilization of network enumeration engines and Open Source Research (OSR) engines (i.e. Recon-ng, nmap, nessus)
  • Exploitation or vulnerability assessment of web-based scripting engines (javascript, coldfusion, ASP) and other mobile code
  • Plan and execute technical cyber assessments or penetration tests
  • Development and utilization of testing methodology for cloud-based and networked systems
  • Modification, testing and utilization of computer network attack and exploitation tools 
  • Operational Risk Management (ORM) concepts and application
 * This task requires compliance with DOD Directive 8570 on IA Workforce training and certification (IAT Level II). 

Required Clearance: TS/SCI (MANDATORY Current Active or will not qualify 

Desired: The following qualifications are desired, but not required: 
  • Design, build, and implement software, Cyber assessment tools, information assurance products, or computer security applications.
  • Write software/scripts in any of the following computer programming languages (C/C++, Ruby on Rails, Python, and Perl)
  • Computer network or system design and implementation

AT&T is an Affirmative Action/Equal Opportunity Employer and we are co

Share this job:


We understand that our customers want an easier, less complicated life. 

We’re using our network, labs, products, services and people to create a world where everything works together seamlessly, and life is better as a result. How will we continue to drive for this excellence in innovation? 

With you. 

Our people, and their passion to succeed, are at the heart of what we do. Today, we’re poised to connect millions of people with their world, delivering the human benefits of technology in ways that defy the imaginable. 

Wireless Services, U-Verse, Enterprise Applications & Managed Hosting Solutions
Visit AT&T's Social Media pages:
Company Industry: Telecommunications
Company Type: Public Company
Company Size: 10,001+