Senior Cyber Threat Analyst - Assessment

Responsibilities

Peraton is seeking to hire an experienced Senior Cyber Threat Analyst – Assessment for the Regional Cyber Center – Europe (RCC‑E) program. Location: On-site, Wiesbaden, Germany.

Potentially 2nd/3rd Shift work required.

• Lead and execute Network Assistance Visits (NAVs) and Persistent Penetration Tests (PPTs) against USAREUR‑AF mission partner networks, coordinating all phases from scoping and planning through execution and reporting.
• Conduct comprehensive web application security assessments using OWASP methodology, Burp Suite, and OWASP ZAP to identify vulnerabilities including injection flaws, authentication weaknesses, and access control failures.
• Perform in‑depth Microsoft Active Directory and Linux security assessments, identifying misconfigurations, privilege escalation paths, and lateral movement opportunities using tools such as BloodHound and PowerView.
• Employ exploitation frameworks including Metasploit, Core Impact, and Immunity Canvas to validate identified vulnerabilities and demonstrate real‑world attack impact to mission owners.
• Produce detailed, professional assessment reports that clearly communicate findings, risk ratings, evidence, and prioritized remediation recommendations to both technical and executive audiences.
• Mentor and technically guide junior assessment team members, conducting knowledge transfer sessions, reviewing deliverables, and developing team proficiency in emerging offensive security techniques and tools.

Qualifications

• 5 years of penetration testing or vulnerability assessment experience with a Bachelor’s degree in a STEM field or Business Administration; 11 years of relevant experience may substitute for degree.
• Must meet TESA Qualifications.
• DoD 8140‑Cybersecurity (Vulnerability Analyst) – Intermediate.
• Certifications: active certification from one of the following – TCM Security PNPT, OSCP, HTB CPTS, Zero Point Security RTO, OSCE, GPEN, GWAPT, GAWN, GXPN, or GWEB.
• U.S. citizenship required.
• Active DoD TS/SCI clearance.

Preferred:

• Advanced proficiency with Metasploit Framework and Metasploit Pro for exploitation and post‑exploitation operations.
• Expert‑level Burp Suite Pro skills for web application vulnerability identification and exploitation.
• Experience with OWASP ZAP for automated and manual web application security testing.
• Familiarity with Cobalt Strike or Havoc C2 for adversary simulation and red‑team operations.
• Proficiency with BloodHound and SharpHound for Active Directory attack path enumeration.
• Strong scripting skills in Python and PowerShell for custom exploit development and automation.
• Experience with PowerShell Empire or similar post‑exploration frameworks for Windows environments.
• Demonstrated ability to produce executive‑level and technical assessment reports with clear remediation guidance.

Benefits and Compensation

Target Salary Range: $104,000 – $166,000 . Salary is determined by factors including scope of responsibilities, experience, education, skills, and location. Eligible for overtime, shift differential, and discretionary bonus in addition to base pay.

EEO Statement

Equal opportunity employer, including disability, protected veterans, and other characteristics protected by law.