The USAID Cybersecurity for Critical Infrastructure in Ukraine Activity is seeking a vulnerability analyst to detect weaknesses in networks and software for the organization and accordingly take measures to correct and strengthen security within the overall system. This serves to provide key support to determine critical security flaws and develop effective mitigation and proactive implementation strategies to shore up such flaws for the organization. The role will include formulating appropriate measures to develop risk-based mitigation strategies for networks, operating systems, and applications. The vulnerabilities analyst will also entail support in establishing standard practices and policies for a new Cyber Center, as well as developing organizational, training, and technical plan, utilizing skills pertaining to vulnerability analysis and other key considerations in this technical area.
Duties and Responsibilities:
Analyze existing practices and propose modifications and new policies/practices
Compile and track vulnerabilities and mitigation results to quantify program effectiveness
Create and maintain vulnerability management policies, procedures, and training
Review and define requirements for information security solutions
Organize network-based scans to identify possible network security attacks and host-based scans to identify vulnerabilities in workstations, servers, and other network hosts.
Penetration testing to uncover vulnerabilities in the Cyber Center’s network and provide solutions to manage the vulnerabilities.
On-the-job training/knowledge transfer to other staff
Qualifications and Experience:
Bachelor’s degree in computer science or related discipline and at least 3 years of experience working on programs of similar technical scope.
Deep understanding of web application security threats, exploits, and prevention
Knowledge and understanding of systems and/or network design principles and thorough understanding of security principles and technical architectures
Proven ability to correlate and analyze log information, packet captures, security alerts, and artifacts
Experience working with web applications and browser security; security assessments and penetration testing; identity and access control; applied cryptography and security protocols; security information and event monitoring and intrusion detection.
Strong written and verbal communication skills, and the ability to communicate effectively to all levels of staff.
Demonstrated ability to work as a member of a team and strong interest in professional growth.
Critical thinking and problem-solving abilities
Proven ability to work under tight deadlines with minimal supervision.
Excellent interpersonal skills and proven ability to manage multiple tasks simultaneously.
Fluency of Ukrainian; knowledge of English and Russian
Qualified candidates should send their CV and cover letter to UkraineCCI_Recruitment@dai.com and submit both CVs and cover letters in English. Only short-listed candidates will receive notice requesting additional information.