RiVidium Configuration Management Job Application

Applying for a Position



Vulnerability Assessment Analyst - Intermediate

Return to the jobs search page

Requisition #: PR-VAM-001-2 (NCR)

Job Title: Vulnerability Assessment Analyst - Intermediate

Job Description:

LOCATION:  National Capital Region - Washington, DC or Northern Virginia




Performs assessments of systems and networks within the NE or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.


  • Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
  • Conduct and/or support authorized penetration testing on enterprise network assets.
  • Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.
  • Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
  •  Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
  • Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews [TSCM], TEMPEST countermeasure reviews).
  • Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).
  • Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes).


  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Skill in assessing the robustness of security systems and designs.
  • Skill in detecting host and network based intrusions via intrusion detection technologies (e.g., Snort).
  • Skill in mimicking threat behaviors.
  • Skill in the use of penetration testing tools and techniques.
  • Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
  • Skill in using network analysis tools to identify vulnerabilities. (e.g., fuzzing, nmap, etc.).
  • Skill in reviewing logs to identify evidence of past intrusions.
  • Skill in conducting application vulnerability assessments.
  • Skill in performing impact/risk assessments.
  • Skill to develop insights about the context of an organization’s threat environment
  •  Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).



Bachelor degree or higher from an accredited college or university

Prefer an accredited Computer Science, Cyber Security, Information Technology, Software Engineering, Information Systems, or Computer Engineering degree; or a degree in a Mathematics or Engineering field.




Please fill out the short application form below. If you have applied for a position with RiVidium in the past, we will know by querying your email address within our database once you submit the form. At that time we will ask you if you would like to use the resume we have on file to apply for the position described above. You will also have the option to submit a new resume if you wish to do so.

Please fill out application

  • select
    Please enter the chararacters

Back to the Top