Cyber Security Engineer

at Vaco Technology
Location Richmond, VA
Date Posted April 3, 2019
Category Default
Job Type Full-time


**NO THIRD PARTIES** U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.**

Vaco is looking for a talented Cyber Security Engineer to join a growing IT security team. We are searching for a for senior-level cyber security professional who will be responsible for overseeing the development of red teaming methods and activities across the firm, to include (but not limited to) the areas of business continuity, information security, personnel security, operations security, and facilities security.


  • Build and maintain a comprehensive model of relevant, feasible threats to the firm
  • Conduct simulated attacks on firm resources, including but not limited to phishing, web application compromise, social engineering, and penetration testing (pen tester)
  • Conduct ongoing analysis of the firm network and information systems using existing security monitoring tools, analytics tools, and other log sources in order to discover threats, weaknesses, and vulnerabilities
  • Provide regular threat/risk briefings to senior management regarding issues raised by the red team. Present findings within a context of overall risk to the firm. Adjust red team activities and agenda based on senior management input
  • Analyze security violation reports for suspicious activities and patterns
  • Lead testing of installed systems to ensure protection strategies are properly implemented and functioning as intended
  • Work closely with infrastructure and security teams, both to receive input and to provide practical and actionable intelligence


  • Prefer Bachelor's Degree in Information Technology or Computer Information Systems
  • Must have a minimum of ten years of relevant experience
  • Demonstrated knowledge and experience with various network protocols, firewalls, penetration testing tools, remote access, network operating systems and vulnerabilities, PC operating systems and vulnerabilities and network management tools. Specific experience required: TCP/IP, log review/analysis, Windows operating systems, Tenable Security Center
  • Excellent analytical, problem-solving, customer service, project management and communication skills are required
  • Understanding of operating system internals and network protocols
  • Knowledge in application technology security testing (white box, black box and code review)
  • Understand system technology security testing (vulnerability scanning and penetration testing)
  • Microsoft and/or Cisco certifications helpful. CEH certification preferred. CISSP and CISA certifications strongly preferred
  • Prefer those candidates with community contributions like public CVEs, bug bounties, open source tools and/or blogs

**NO THIRD PARTIES** U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.**