Why Work for BreakPoint Labs?
BreakPoint Labs is growing quickly and constantly seeking enthusiastic cybersecurity professionals to solve its clients’ most technical challenges. Through an established corporate culture, BreakPoint Labs embraces a highly technical, ‘geeky’ workforce passionate about developing and leveraging technology to secure cyberspace.
If you are interested in joining the BreakPoint Labs Team, please submit a copy of your resume to email@example.com.
Blue Team Lead - Alexandria, VA
< BreakPoint Labs has an opening for a technical lead on the Security Assessment Team (Blue Team). The Blue Team Lead will manage, coordinate, perform and assist the Government in all facets of security auditing, assessments and with the DISA CCRI/CCROI process./>
- Serve as the technical lead on the Security Assessment Team (Blue Team).
- Manage, coordinate, perform and assist the Government in all facets of security auditing, assessments and with the DISA CCRI/CCROI process.
- Manage, coordinate and assist the Government in conducting security assessments on new technologies being introduced to the Coast Guard network.
- Manage, coordinate and assist the Government in evaluating and approving all firewall rules IAW best practices, PPSM requirements, and applicable DOD policy and guidance.
- Manage, coordinate and assist the Government in evaluating external website usage within the Coast Guard as appropriate.
- Perform technical functions as a Blue Team Analyst during assessments.
- Experience performing manual and automated DoD STIG compliance auditing on multiple technologies (ex: Network Devices, Operating systems, and applications such as DNS, web, and database) through the use of STIGviewer, SCAP Compliance Checker, Policy Auditor, App Detective, and ACAS.
- Experience performing vulnerability scans, checking for false positives, troubleshooting scan failures, and presenting results in context of DISA time lines and severity.
- Ability to comprehend higher level controls such as DoD Security Requirements Guides, determine their applicability, how to check for compliance, how to remediate or mitigate in the case of noncompliance, and communicate this information verbally and in reports.
- Deep understanding of the DISA CCRI scoring system, what it measures, and how the measurements work.
- Ability to determine when to upgrade or downgrade the severity score of an audited system or specific finding based on special circumstances such as, combinations of findings that could be used together, or external mitigating factors.
- Must have experience managing projects of similar size and scope.
- Must have a foundational understanding of statistics and probability.
- Knowledge of tools such as HBSS, SCCM, ACAS (NESSUS), CMRS, and SharePoint.
- Must be a team player, mentor and proven leader.
- Bachelor's Degree and 5 years IA or cyber experience required (or additional 6 years experience to replace Bachelor's).
- Certified as an IAT-III (CISSP, CASP CE, CISA, etc.) – Required within 3 months of hire.
- Certified as a CSSP-AU (CEH, CISA, or GSNA) – Required within 30 days of hire.
- Travel expected to be 30%.
- Must possess an active DoD Secret Clearance, and have the ability to maintain a clearance up to Top Secret Level.
A&A Analyst- Alexandria, VA
< BreakPoint Labs has an opening for a Security Control Assessor (SCA)/C&A Analyst that will be a key team member on this highly visible, critical program that bridges DoD and DHS programs, and will be joining a team of highly respected technical professionals./>
- Manage all General Support System (GSS), Major Application (MA), and Standalone authorization packages for customer enclaves.
- Perform vulnerability/risk analyses of computer systems, networks and applications during all phases of the system development life cycle.
- Experience in conducting STIG and vulnerability assessments.
- Perform RMF authorizations.
- Schedule and lead integrated project team meetings ensuring that key deliverables are identified to support authorization efforts.
- DoD/DHS experience using eMASS or XACTA.
- Must be a team player, eager to assist colleagues and government staff with handling evolving priorities and multiple tasks.
- Must have the ability to work in a dynamic environment and meet projected suspense dates.
- Awareness of DoD and NIST specific regulation to support authorization of customer systems.
- Bachelor's Degree and 5 years A&A or relative IT experience required (or additional 6 years experience to replace Bachelor's).
- Certified as an IAT-II (Security +CE) – Required within 30 days of hire.
- Some travel will be required.
- Active Secret DOD clearance.
Cybersecurity Analyst - Dayton, OH or Vicksburg, MS
< BreakPoint Labs is seeking a Cybersecurity Analyst who applies technical and functional expertise to support defensive cyber operations for large-scale enterprise networks./>
- Conduct network monitoring and intrusion detection analysis using various defensive cyber tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Host Based Security System (HBSS), etc.
- Correlate network activity across unclassified and classified networks to identify trends of unauthorized use.
- Review alerts and packet-level data from sensors and document formal, technically-details incident reports, when necessary, for dissemination to end customers.
- Research emerging threats and vulnerabilities to aid in the identification of network incidents.
- Provide end customers with incident response support, including mitigating actions to activity and facilitate forensics analysis when necessary.
- Collaborate with counterpart DCO organizations and Network Operations Centers (NOC) on possible threats and exchange analysis or other information on suspicious activity.
- Provide quality customer service with excellent written and oral communication skills.
- Provide direct support to the Defensive Operations Team Lead.
- Operate in a 24x7 environment that requires weekends, holidays and alternate shift work.
- Experience performing technical analysis involving threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers to gain access to Windows, Mac OS and Linux platforms.
- Knowledge of intrusion detection methods protecting DoD computer networks and systems.
- Ability to communicate complex technical and programmatic information, often in the form of verbal and visual operational updates, situation reports and briefings.
- Minimum of an Undergraduate Degree in Computer Science, Information Assurance, IT Management, or related discipline (preferred)
- Security+ and Certified Ethical Hacker (CEH) certifications required within six (6) months from start date, in accordance with DoDD 8570.01-M requirements.
- Less than five percent (5%)
- U.S. Citizenship is required.
- Must possess an active DoD Secret Clearance, and be clearable up to Top Secret level.
Python Developer / DevOps - Lorton, VA
< BreakPoint Labs is seeking a Security Operations Developer in support of a cyber defensive operations for a large-scale enterprise network./>
- Assist in the development of Python based applications to include Django and Flask applications.
- Troubleshoot and fix hardware/software problems on local and remote systems.
- Maintain a modern source code repository and Docker container registry.
- Communicate with customers to plan and support deployments and perform troubleshooting.
- Minimal travel to customer sites across the country to engage with other technical personnel.
- Provide occasional off-hour response to emergency situations.
- Three (3) to five (5) years relevant application development experience: 3 years experience in Information Systems and/or security experience with a Bachelor’s degree or equivalent in work experience.
- Ability to become DoD 8570 compliant by obtaining/maintaining required certifications such as Linux+, Security+, or CEH.
- Proficient Python programming language and use of Linux containers (Docker).
- Expertise in Linux and bash scripting.
- Excellent problem solving skills.
- Experience with Git and modern software development practices.
- Experience with system monitoring and troubleshooting.
- Minimum of an Undergraduate Degree in Computer Science, Information Assurance, IT Management, or related discipline (preferred).
- Security+ and Certified Ethical Hacker (CEH)
- Less than five percent (5%)
- U.S. Citizenship is required.
- Must possess an active DoD Secret Clearance, and have the ability to maintain a clearance up to TS/SCI Level.