Careers at ACTIVECYBER
Current Open Positions
Click on the links below to view the complete job descriptions.
Click on the links below to view the complete job descriptions.
Information Security Analyst
ACTIVECYBER is seeking a full-time Information Security Analyst to support our growing cybersecurity team and commercial clients in the Washington DC metro area. The responsibilities of the position include security assessment and testing, vulnerability assessments, compliance assessments across multiple industries, governance, and information security policy/procedure development. The Information Security Analyst will be responsible for conducting security assessments, developing policies and procedures, and conducting compliance assessments for our customers.
Responsibilities
Requirements
Additional Qualifications
Qualified candidates should submit resumes via email.
Download job opening PDF here.
ACTIVECYBER is seeking a full-time Information Security Analyst to support our growing cybersecurity team and commercial clients in the Washington DC metro area. The responsibilities of the position include security assessment and testing, vulnerability assessments, compliance assessments across multiple industries, governance, and information security policy/procedure development. The Information Security Analyst will be responsible for conducting security assessments, developing policies and procedures, and conducting compliance assessments for our customers.
Responsibilities
- Conduct security assessments of customer systems, services, and programs.
- Analyze customer processes and configurations to verify that previously identified flaws have been corrected, and document the results.
- Conduct compliance assessments against industry best-practices and frameworks
- Develop procedures and policies to help clients adhere to industry best-practices and frameworks
- Develop detailed remediation reports and recommendations for compliance and security improvements across industries based on changing threats.
- Develop and update a consistent approach to information security programs and ensure adherence with best practices.
Requirements
- Bachelor’s degree in a technical discipline, or equivalent experience
- 2-4 years of information security experience
- Experience with at least one of the following security industry frameworks: NIST, ISO, HIPAA, SOX, GLBA, etc.
- Clearly articulates technical requirements and other information in written documentation
- Experience with developing information security policies and procedures at the enterprise level
- Experience developing security plans (such as Incident Response Plans and Disaster Recovery Plans) at the enterprise level accompanies by the development of test plans
- Vulnerability scanning experience is a plus
- Effectively communicates technical and nontechnical concepts to a variety of audiences.
- Communicates well with customer technical staff and management
- Methodically gathers, documents, and presents specific customer requirements
- Follows existing processes and procedures, and propose updates to such. Develop new processes and procedures as necessary
- Works with minimal supervision, set priorities, and give attention to detail and quality
- Demonstrates strong organizational and time-management skills: multitasking, working individually and with a team, having a positive attitude, being self-motivated and reliable, being trustworthy, having strong interpersonal and diplomatic skills
- Be proficient with Microsoft Office
- Excellent written communication skills
- Ability to work independently and lead small teams internally, whether onsite or remotely
- Willingness to travel domestically as needed, not to exceed 20%
Additional Qualifications
- Security+, Certified Information System Auditor (CISA), and/or Systems Security Certified Practitioner (SSCP) highly desired
- Certified Information Systems Security Professional (CISSP) certification desired
- Candidate must be a US Citizen.
Qualified candidates should submit resumes via email.
Download job opening PDF here.
Senior Cybersecurity Engineer
ACTIVECYBER is seeking a full-time Senior Cybersecurity Engineer to support and lead our growing cybersecurity team and commercial clients in the Washington DC metro area. The responsibilities of the position includes security engineering, security assessment and testing, vulnerability assessments, penetration testing and information system security oversight activities that support complex systems from the perspective of sophisticated threat actors. The Senior Cybersecurity Engineer will be responsible for leading security assessments of new and existing systems, performing research for the development of new security architectures, and testing tactics, techniques, and procedures for the protection of information.
Responsibilities
Requirements
Additional Qualifications
Qualified candidates should submit resumes via email.
Download job opening PDF here.
ACTIVECYBER is seeking a full-time Senior Cybersecurity Engineer to support and lead our growing cybersecurity team and commercial clients in the Washington DC metro area. The responsibilities of the position includes security engineering, security assessment and testing, vulnerability assessments, penetration testing and information system security oversight activities that support complex systems from the perspective of sophisticated threat actors. The Senior Cybersecurity Engineer will be responsible for leading security assessments of new and existing systems, performing research for the development of new security architectures, and testing tactics, techniques, and procedures for the protection of information.
Responsibilities
- Perform vulnerability scans, network penetration tests, web application testing, threat analysis, wireless network assessments and social engineering assessments
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences
- Effectively communicate findings and strategy to customer stakeholders, including technical staff and executive leadership
- Recognize and safely utilize attacker tools, tactics and procedures
- Develop scripts, tools or methodologies to enhance the penetration testing process
- Lead a penetration test and security assessment from kickoff through remediation, mentoring less experienced staff
Requirements
- Bachelor’s degree in a technical discipline, or equivalent experience
- 5-7 years of security engineering experience
- Experience performing and leading advanced assessments related to network device, application, source code, database, middleware and host security
- Hands-on experience with commercial tools commonly used to perform security assessments (e.g., Metasploit, Nessus, Qualys, Burp, Accunetix, etc.)
- Strong knowledge of common attack techniques (e.g., SQL injection, fuzzing, parameter manipulation)
- Experience conducting analysis of electronic media, packet capture, log data and network devices in support of intrusion analysis or enterprise level information security operations
- Expertise consulting with stakeholders to define needs, develop requirements and analyze findings to advise and recommend solutions
- Excellent communication and presentation skills with the ability to present to a variety of external audiences, including senior executives
- Excellent written communication skills
- Ability to work independently and lead small teams internally, whether onsite or remotely
- Willingness to travel domestically as needed, not to exceed 20%
Additional Qualifications
- GIAC Penetration Tester (GPEN), CEH (Certified Ethical Hacker), and/or Offensive Security Certified Professional (OSCP) highly desired
- Certified Information Systems Security Professional (CISSP) certification desired
- Experience with malware analysis and reverse engineering desired
- Candidate must be a US Citizen.
Qualified candidates should submit resumes via email.
Download job opening PDF here.
Benefits
All full-time positions at ACTIVECYBER are eligible for benefits including healthcare, dental, vision, matching SIMPLE IRA, PTO, and industry training. Competitive salary commensurate with experience and ability to demonstrate proficiency in the position requirements.
ACTIVECYBER is an Equal Opportunity Employer.
All full-time positions at ACTIVECYBER are eligible for benefits including healthcare, dental, vision, matching SIMPLE IRA, PTO, and industry training. Competitive salary commensurate with experience and ability to demonstrate proficiency in the position requirements.
ACTIVECYBER is an Equal Opportunity Employer.
