Analyze Cybersecurity foundational elements within DoD organizations to assess their ability to defend against, respond to, and recover from an attack and validate agency implementation of technical controls, tools, and technologies and people, processes, and program maturity. Participate in the mission meetings required to document client requirements and analyze the production of a mission Security Assessment Plan (SAP), including System Under Test (SUT) Security Control Areas, mission timelines, communication plan, scope, and a testing plan for security control validation. Support Independent Verification and Validation (IV&V) assessment missions for DoD clients, including automated and manual testing, examination, scanning, interviewing, and discovery techniques to identify, validate, and assess vulnerabilities. Work collaboratively as part of a team to assess any device on the DoD enterprise backbone, including servers, workstations, network devices, storage devices, such as Fibre Channel, NAS, and storage controllers, applications, such as Web, database, e-mail, FTP, and SSH, and security devices, such as firewalls, IDS, and Web content filters. Assist with the development of a Security Assessment Final Report (SAFR) to summarize the security assessment mission, identify high security risks, threats, and failures found during the mission within the executive summary, provide a detailed findings section detailing every finding with an overview, evidence, root cause analysis, and recommended mitigation plan of action addressing each security issue.
More Information go to: https://careers.boozallen.com/en-US/job/blue-team-security-assessment-independent-verification-and-vulnerability-enginee/J3W3YN73V4KTMXFSY2S