5G Vulnerability Research Analyst – Lead
| Company | Booz Allen |
|---|---|
| Location | Annapolis Junction, MD, USA |
| Salary | $96600 – $220000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Expert or higher |
Requirements
- Experience with Linux command line environments and penetration testing
- Experience scanning and analyzing information system vulnerabilities to assess risk to components such as networks, operating systems, web applications, and databases
- Experience with network security and vulnerability analysis tools such as Wireshark, Burp Suite, Nessus, NMAP, and native Linux command-line tools
- Experience conducting manual exploitation methods and creating or modifying proof of concept exploits in various programming or scripting languages to demonstrate security weaknesses on web applications, mobile, and Linux systems
- Experience with scripting languages such as Python, Perl, Bash, or Ruby
- Experience with virtual machines and containers to perform tasks, including deployment or performing security analysis of said systems
- Knowledge of security frameworks, including NIST SP 800-115, STRIDE, and MITRE ATT&CK
- Ability to obtain a TS/SCI clearance with a polygraph
- Bachelor’s degree in CS, Cybersecurity, or IT and 10+ years of experience with network, security, and vulnerability analysis, or 15+ years of experience with network, security, and vulnerability analysis in lieu of a degree
- OSCP Certification
Responsibilities
- Serve as a senior technical advisor and work collaboratively with a team of researchers, developers, and telecommunications experts
- Manage projects, propose solutions, and perform advanced hands-on security research
- Perform penetration testing and vulnerability research, generate reports and brief findings, develop prototypes, and assist in the design of security solutions of mobile telecommunication systems
- Leverage comprehension of telecommunications networks, next generation networking concepts, and protocol analysis to aid in vulnerability and security analysis
- Apply knowledge of cybersecurity frameworks, methodologies, and skillsets to guide and consult with team members, clients, and leadership on vulnerability projects.
Preferred Qualifications
- Experience with cloud or containerized technologies such as Docker, Kubernetes, OpenStack, virtualization, or software-defined networking
- Experience performing incident response, forensics, or blue teaming activities
- Experience in threat intelligence
- Experience in reverse engineering
- Experience with software development in C/C++ or Java
- Experience with DSP such as GNU Radio and MATLAB, and Software Defined Radio
- Experience with Radio Test Equipment
- Experience with Link Budget Analysis
- Knowledge of telecommunication protocols, architecture, and processes, including air interface protocols such as L1-3
- Possession of excellent verbal and written communication skills