Lockheed Martin Cyber Intel Analyst in Linthicum, Maryland

The Vulnerability team member position will provide technical support the DoD Vulnerability Disclosure Program (VDP) for the Defense Cyber Crime Center (DC3). These activities directly support the mission to improve defense of the DoD Information Network (DoDIN), by receiving, validating, and disseminating cybersecurity vulnerabilities reported by private-sector researchers. The VDP team tracks and analyzes reported vulnerabilities and mitigation actions by systems owners to identify gaps in DoDIn defenses; areas requiring increased attention, and areas for improvement. This position performs technical validation and initial severity assessment of externally-reported web security vulnerabilities

Vulnerability Team Member Position Description: This position performs technical validation and initial severity assessment of externally-reported web security vulnerabilities.

Basic Qualifications -Expert technical understanding of software and web application security (e.g., security headers, TLS configuration, secure design and coding practices) and vulnerabilities (e.g. XSS, SQLi, XXE, injection and inclusion) -Demonstrated technical ability to validate web vulnerabilities on live DoD web properties using manual techniques and common tools -Demonstrated ability to recognize, interpret, and communicate in information assurance vulnerability management (IAVM), Risk Management Framework (RMF), and security technical implementation guides (STIGs) -Demonstrated knowledge of various software testing methodologies, test case creation and the reporting process -Knowledge of current DoD cyber security challenges and threats -Knowledge of common web application architecture and programming techniques, including common languages (e.g., JavaScript, PHP, SQL) - Exceptional verbal and written communication skills; ability to provide expert review of accurate and timely technical reports for release for external customers -Ability to work multiple tasks and flexibility to adapt to dynamic work environment to meet organizational requirements -Ability to use sound judgement when conducting live testing to avoid or minimize impact to production services and data -Superior organizational skills to analyze, develop, and deliver detailed reports to meet short suspense windows -Certifications (any): CISSP, CEH, GCIH, Network+, Security+, A+, CCNA

Desired skills -Demonstrated experience leading a team -Demonstrated experience with ISS and Apache servers -Demonstrated knowledge of Python, CGI gateways and other application development and web design -Demonstrated knowledge of industry standard applications such as BURP, Netsparker, and Zed Attack Proxy

As a leading technology innovation company, Lockheed Martin’s vast team works with partners around the world to bring proven performance to our customers’ toughest challenges. Lockheed Martin has employees based in many states throughout the U.S., and Internationally, with business locations in many nations and territories.

Join us at Lockheed Martin, where we’re engineering a better tomorrow.

Lockheed Martin is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Job Location(s): Linthicum Maryland