Cyber Threat Analyst - Assessment / Active TS/SCI

Responsibilities

Peraton is seeking an experienced Cyber Threat Analyst - Assessment resource for its Regional Cyber Center-Europe program.

Location: On-site, Wiesbaden, Germany

• Conduct vulnerability assessments and penetration tests against USAREUR-AF network infrastructure, endpoints, and applications in support of CSSP assessment missions (NAVs and PPTs)
• Perform web application security testing using OWASP methodology and tools including Burp Suite and OWASP ZAP, identifying and validating vulnerabilities across mission partner web services
• Execute Active Directory and Linux security assessments to identify privilege escalation paths, credential exposure risks, and lateral movement opportunities within target environments
• Utilize penetration testing frameworks including Metasploit and Burp Suite to safely exploit validated vulnerabilities and demonstrate risk to mission owners in a controlled manner
• Document all assessment findings in structured reports, including vulnerability descriptions, evidence screenshots, CVSS risk ratings, and actionable remediation recommendations
• Support mission owners and network defenders with post-assessment remediation guidance, answering technical questions and providing clarification on findings to facilitate effective risk reduction

Required Qualifications

• Bachelors degree and a minimum of 5 years of penetration testing or vulnerability assessment experience
  • Associate's degree + 7 years specialized experience
  • 11 years of experience (no degree)
• DoW 8140 - Cybersecurity (Vulnerability Analyst) - Intermediate
• Certifications - must hold active certifications (one of the following):
  • TCM Security PNPT; OR
  • HTB CPTS (Hack The Box Certified Penetration Testing Specialist); OR
  • Zero Point Security RTO (Red Team Ops); OR
  • OSCP (Offensive Security Certified Professional); OR
  • OSCE (Offensive Security Certified Expert); OR
  • GPEN (GIAC Penetration Tester); OR
  • GWAPT (GIAC Web Application Penetration Tester); OR
  • GAWN (GIAC Assessing and Auditing Wireless Networks); OR
  • GXPN (GIAC Exploit Researcher and Advanced Penetration Tester); OR
  • GWEB (GIAC Certified Web Application Defender)
• U.S. citizenship required
• Active DoW TS/SCI clearance

Preferred Qualifications

• Hands-on experience with Metasploit Framework for vulnerability exploitation and post-exploitation activities
• Proficiency with Burp Suite Pro for manual and automated web application security testing
• Familiarity with OWASP ZAP for web vulnerability scanning and validation
• Experience with Nmap and Nessus/OpenVAS for network discovery and vulnerability scanning
• Working knowledge of BloodHound for Active Directory enumeration and attack path analysis
• Scripting proficiency in Python, Bash, or PowerShell for custom tool development and test automation
• Familiarity with vulnerability scoring frameworks (CVSS) and risk-based reporting methodologies
• Experience with vulnerability management platforms (e.g., Tenable.sc, Rapid7 InsightVM)

Target Salary Range

$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.All