• Demonstrated experience analyzing IT systems for cyber security vulnerabilities.
• Demonstrated experience developing IT system or network architecture design, conducting IP data flow analysis, encryption configuration, and vulnerability analysis using both open-source and commercial tools, such as Nmap, Wireshark, Metasploit, Canvas, Kismet, or BackTrack.
• Demonstrated experience analyzing IT network configurations of devices such as firewalls, routers, switches, VPNs, or Intrusion Detection/Prevention Systems for cyber security vulnerabilities.
• Demonstrated experience with communications protocols such as IP, TCP, UDP, HTTP, HTTPS, MPLS, OSPF, IGRP, BGP, SIP, H.232.
• Demonstrated experience with multiple OS’s, including Windows, Linux, and OSX.
• Demonstrated experience with Microsoft Windows ver.; 7, 8, 10, 2008R2, 2012, 2012R2, or 2016.
• Demonstrated experience with cloud computing technology and hypervisors such as HyperV, VMWare ESX, or Virtual Box.
• Demonstrated experience with transitioning security domains and use of cross domain appliances.
• Demonstrated experience with network management systems, network storage, backup systems, and disaster recovery (DR) architectures.
• Demonstrated experience performing technical risk assessments and providing technical risk mitigation guidance.
• Demonstrated experience ensuring appropriate risk mitigation considerations, risks and vulnerabilities are well understood and appropriately mitigated.
• Demonstrated experience analyzing procurement processes of hardware, software and services to comply with cyber security and operational needs.
• Demonstrated experience creating concise and well-structured written assessments.
• Certifications: CISSP Certification.

• Demonstrated experience with the Sponsor’s IT review boards.
• Demonstrated experience with providing recommendations to IT architecture and design reviews.
• Demonstrated experience with the Sponsor’s security policies and regulations.
• Demonstrated experience providing recommendations in technical standards, security standards, and operational assurance.
• Demonstrated experience with USG standards such as Intelligence Community Directive (ICD) 503, Federal Information Processing Standards (FIPS), National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37, SP 800-39, SP 800-53, SP 800-53A, SP 800-60.
• Certifications: Certified Information Security Manager (CISM), Certified Ethical Hacker.