Capture Manager

We are looking for an experienced proposal writer and capture manager, with experience responding to commercial and government task orders. The ideal candidate will have experience being a lead writer and will manage proposal activities, including managing proposal schedules and deadlines, maintaining files and solicitations, developing proposal outlines and templates and monitoring the progress of the proposal.

Responsibilities

  • Lead our team to develop compliant, compelling, and accurate proposals.
  • Manage proposal schedules and deadlines.
  • Maintain files and solicitations.
  • Developing proposal outlines and templates.
  • Monitor proposal progress and ensure each proposal is submitted on-time.
  • Design, write, revise, and/or edit the technical content for (RFI, RFP and RFQ responses).
  • Build templates based on the RFI, RFQ, or RFP requirements.
  • Lead capture color team and gate review meetings to ensure integration of all proposal activities.
  • Design and maintain Google Drive proposal support database.
  • Gather, analyze, and compose complex technical information for technical approach sections of federal proposals.

Minimum Requirements

  • Over 5 years developing and managing proposals in commercial or government spaces.
  • Experience responding to GSA Schedule Task orders (GSA IT and PSS Schedules).
  • Strong writing, graphic design, and layout skills.
  • Full life-cycle proposal experience.
  • Must be able to provide samples of previous work and three references.

Submit your resume directly to info@knownetworkrisk.com.


Penetration Tester

We are seeking a Penetration Tester to assist our clients with conducting security assessments of their physical and virtual infrastructure as well as their web and mobile applications.

Responsibilities

  • Conduct network, database, and web-based application penetration tests.
  • Conduct physical security assessments.
  • Conduct logical security audits and hands-on technical security evaluations and implementations.
  • Develop subject matter expertise of focused capabilities in the topics of database security, wireless security, or application and development security.

Minimum Requirements

  • Bachelor of Science in a related field or eight (8) to twelve (12) years of directly related experience or any equivalent combination of education, experience, training and certifications.
  • Familiarity with web proxy tools such as Burp, OWASP Zed Attack Proxy (ZAP), and Fiddler.
  • Experience looking for security issues such as Cross Site Scripting, SQL Injection, Cookie Manipulation, Buffer Overflows, etc.
  • Familiarity with penetration testing tools and tool suites such as Burp Suite Pro, Kali Linux, Metasploit, Nessus, Samurai Web Testing Framework, ParrotSec, etc.
  • In depth familiarity with Windows and UNIX/Linux operating systems.
  • In depth familiarity and experience performing web application security testing using OWASP methodology.
  • Working knowledge of TCP/IP ports and protocols.
  • Excellent written and oral communication skills.
  • Self-motivated and able to work in an independent manner.

Desired Qualifications

  • Familiarity with Open Web Application Security Project (OWASP), National Institute of Standards and Technology (NIST) Special Publications, and Open Source Security Testing Methodology Manual (OSSTMM).
  • Database administration, device configuration hardening and compliance verification experience a plus.
  • OSCP, CISSP, GWAPT, GPEN, GXPN, CEH, or CCNA certification a plus.
  • Familiarity with scripting in UNIX shell, PERL, PowerShell, or Python a plus.
  • Working knowledge of firewalls and other network security products.
  • Knowledge of applied cryptographic protocols.
  • Ability to conduct source code reviews.

Submit your resume directly to info@knownetworkrisk.com.


IT Security Assessor

The IT Security Assessor will be a key member of our security assessment team that will conduct assessments for private and public sector organizations.

Responsibilities

  • Conducting interviews with key client stakeholders to evaluate the current information security practices.
  • Evaluate management, operational, technical, and privacy security policies and procedures.
  • Reviewing security policy and procedural documentation.
  • Reviewing network architecture diagrams and evaluating network access controls.
  • Reviewing system configuration data to identify security weaknesses.
  • Developing recommendations for security issues and vulnerabilities identified during assessments.
  • Communicating results to clients ranging from technical staff to executive management.
  • Developing tools to increase the level of automation for security assessment and reporting methodologies.
  • Provide ongoing subject matter expert support for clients.

Minimum Requirements

  • Five years of security engineering experience involving a broad range of security technologies to include wide area networks, host and network IDS, virtual private networks, remote access, Web Application Firewalls (WAF) and Static Code Analysis.
  • Three years of experience working with the National Institute of Standards (NIST) Special Publication (SP) documents.
  • Must possess a CISSP, CAP, CISA, or CEH (if candidate does not possess a CISSP, the certification must be obtained within first 6 months of hire).
  • Experience analyzing configuration files of firewalls, routers and switches.
  • Candidate will also possess experience analyzing management, operational, technical, and privacy security controls and developing solutions to security problems to meet regulatory requirements such as FISMA, HIPAA, PCI-DSS, etc.
  • Candidates must provide documented experience with security metrics and risk management.
  • The candidate will have experience testing web applications and be proficient with the use of automated technical tools such as Nessus.
  • Strong verbal and written communication skills are highly preferred.
  • Candidates must be fluent in the English language.

Submit your resume directly to info@knownetworkrisk.com.