Vulnerability Researcher IV - 1000

Empower your career with Zivaro, where passion meets innovation and inclusion! Embrace the future of IT while being a part of Zivaro's pioneering tech community.

Zivaro isn’t just about technology—it’s about people. We thrive on the energy, talent, and dedication of our workforce. From our culture to professional development, we prioritize our team. We live by our core values every day and hope you will as well!  Come join a Top Workplaces organization!

The Cybersecurity SME leads efforts to identify vulnerabilities and cybersecurity threats to programs, functions, products, applications, and systems. You will need to utilize various intelligence sources such as HUMINT, SIGINT, GEOINT, OSINT, and others to assess vulnerabilities and conduct security evaluations of hardware and software components, architectures, algorithms, and protocols. You will analyze and characterize identified vulnerabilities and threats and assess the impact of these vulnerabilities and threats on the operations and missions supported by the systems. The Cybersecurity SME also delivers both formal and informal reports, briefings, and perspectives on actual and potential attacks against the systems, technologies, applications, operations, or missions under study. In addition, you will supervise and mentor subordinate project and ICON Innovation Collaborative (IIC) staff members.

• Show no “critical” and/or “high” compliance and/or vulnerability findings in scan results from the Statistic Application Security Testing (SAST) and Dynamic Application Security Testing (DAST)
• Capable of operating and achieving an Assessment and Authorization (A&A) certification
• Maintain appropriate DoD Impact Level (IL) rating per the security level of the system’s data hosted on the Cloud solution
• Lead efforts to identify vulnerabilities and cybersecurity threats to programs, functions, products, applications, and systems
• TITLE: Cybersecurity SME DEPARTMENT: Mission Engineering
• LOCATION: FT. Meade MANAGEMENT ROLE: NO
• EXEMPT / NON-EXEMPT: Exempt EEO CODE:
• Utilize various intelligence sources such as HUMINT, SIGINT, GEOINT, OSINT, and others to assess vulnerabilities and conduct security evaluations of hardware and software components, architectures, algorithms, and protocols
• Shall use a Development Security Operations (DevSecOps) strategy
• Develop the Authority-To-Operate (ATO) authorization plan to ensure the CI/CD pipeline(s)
• Actively participate in cross-functional teams
• Performing STIG and IAVA verification activities on systems/servers for both cloud and on-premises deployments
• Defines cybersecurity processes for DevSecOps processes and tools
• Prepare related IA artifacts & reports
• Supervise and mentor subordinate project and ICON Innovation Collaborative (IIC) staff members.
• Support program leadership with information security assurance expertise
• Evaluate current program solutions & architecture to include applications, databases and networks
• Manage multiple tasks while positively influence team members, establishing and maintaining excellent customer relationships and delivering positive results

• Experience working on government contracts
• Experience with risk analysis and review
• Prior STIG and IAVA patching and/or /verification experience with DoD mission systems to NIPRNet and SIPRNet
• Experience using ACAS and applying STIGs manually to generate IA artifacts/bodies of evidence
• Experience hardening platforms and applications in a Kubernetes environment
• 12+ years of experience
• Required TS/SCI w/ CI Poly Security Clearance

• BS/MS degree in Computer Science, Engineering or a related subject preferred

Benefits: Benefit offerings include medical, dental, vision, life insurance, disability, flexible spending accounts, paid holidays, flexible PTO program, 401k program. Come join a Top Places to Work organization!

U.S. Citizenship is required for all positions at Zivaro, due to security clearance and government/federal contracts held by Zivaro.

EEO STATEMENT

 Zivaro, Inc. is an equal opportunity employer. In accordance with anti-discrimination law, it is the purpose of this policy to effectuate these principles and mandates. Zivaro prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.