Senior Cyber Threat Analyst – Assessment / Active TS/SCI

Required

• Bachelor’s degree (STEM/Business Admin) and a minimum of 5 years of penetration testing or vulnerability assessment experience; or an associate’s degree and minimum of 7 years specialized experience; or 11 years of relevant experience in lieu fo the bachelor degree requirement
  • Must meet TESA Qualification
• DoD 8140- Cybersecurity (Vulnerability Analyst) - Intermediate
• Certifications — must hold active certifications (one of the following):
  • TCM Security PNPT; OR
  • OSCP (Offensive Security Certified Professional); OR
  • HTB CPTS (Hack The Box Certified Penetration Testing Specialist); OR
  • Zero Point Security RTO (Red Team Ops); OR
  • OSCE (Offensive Security Certified Expert); OR
  • GPEN (GIAC Penetration Tester); OR
  • GWAPT (GIAC Web Application Penetration Tester); OR
  • GAWN (GIAC Assessing and Auditing Wireless Networks); OR
  • GXPN (GIAC Exploit Researcher and Advanced Penetration Tester); OR
  • GWEB (GIAC Certified Web Application Defender)
• U.S. citizenship required
• Active DoD TS/SCI clearance or higher

Preferred

• Advanced proficiency with Metasploit Framework and Metasploit Pro for exploitation and post-exploitation operations
• Expert-level Burp Suite Pro skills for web application vulnerability identification and exploitation
• Experience with OWASP ZAP for automated and manual web application security testing
• Familiarity with Cobalt Strike or Havoc C2 for adversary simulation and red team operations
• Proficiency with BloodHound and SharpHound for Active Directory attack path enumeration
• Strong scripting skills in Python and PowerShell for custom exploit development and automation
• Experience with PowerShell Empire or similar post-exploitation frameworks for Windows environments
• Demonstrated ability to produce executive-level and technical assessment reports with clear remediation guidance

Program / Location

Peraton is seeking to hire an experienced Senior Cyber Threat Analyst – Assessment resource for its’ Regional Cyber Center-Europe program

Location: On-site, Wiesbaden, Germany

Responsibilities

• Lead and execute Network Assistance Visits (NAVs) and Persistent Penetration Tests (PPTs) against USAREUR-AF mission partner networks, coordinating all phases from scoping and planning through execution and reporting
• Conduct comprehensive web application security assessments using OWASP methodology, Burp Suite, and OWASP ZAP to identify vulnerabilities including injection flaws, authentication weaknesses, and access control failures
• Perform in-depth Microsoft Active Directory and Linux security assessments, identifying misconfigurations, privilege escalation paths, and lateral movement opportunities using tools such as BloodHound and PowerView
• Employ exploitation frameworks including Metasploit, Core Impact, and Immunity Canvas to validate identified vulnerabilities and demonstrate real-world attack impact to mission owners
• Produce detailed, professional assessment reports that clearly communicate findings, risk ratings, evidence, and prioritized remediation recommendations to both technical and executive audiences
• Mentor and technically guide junior assessment team members, conducting knowledge transfer sessions, reviewing deliverables, and developing team proficiency in emerging offensive security techniques and tools

#RCC-E