Exploitation Analyst – TS/SCI Clearance | Norfolk, VA

Exploitation Analyst TS/SCI Clearance Norfolk VA

Cambridge International Systems Inc.

Join a dynamic global team united by shared values: commitment integrity and perseverance. At Cambridge youll work alongside top talent worldwide tackling some of todays most complex and critical challenges in defense and security.

We are currently seeking an Exploitation Analyst to support operations in Norfolk VA. This is a full-time position requiring an active DoD TS/SCI clearance.

This position is contingent upon contract award with an expected award date of November 2025.

What Youll Do

• HQ Tasks:

• Serve as the Exploitation Analyst supporting cyber survivability policy and process oversight to warfare divisions and becoming proficient in and following thec yber T&E concept of operations SOPs policies and guidance.

• Support sustainment and updating of the to conduct and instruct Cyber Survivability Test Planning course.

• Attend the required meetings in support of OT&E.

• Inform 01D Future Operations Officer of any challenges and issues in a timely manner for resolution

• Maintain and participate in the development of 01D SOPs and the Cyber test planning documents to include participation in and support of the CCB process.

• Pre-Test Planning

• Support the Future Operations Officer to determine overall test strategy and level of cyber OT&E for acquisition programs.

• Support the Future Operations Officer in reviewing Test and Evaluation Master Plan (TEMP) (or other types of OT&E resourcing documents) Integrated Evaluation Framework (IEF) test plan or other test planning related documents to ensure adequate test strategies are established within the policies and guidelines to include adjudication of related comments from stakeholders.

• Support program specific T&E Integrated Product Team (IPT) cyber table tops and other internal or external events as assigned and non-program specific T&E IPTs technical exchange meetings and other briefs and meetings as required.

• Test Planning

• Develop cyber survivability test plans following the Cyber OT&E procedures and templates and with minimal administrative errors.

• Coordinate with the warfare divisions and red team operators to ensure defined test objectives are comprehensive and executable data collection requirements are adequately defined cyber test capabilities are identified resourced and integrated prior to the test plan being signed.

• Attend test planning visits in support of cyber OT&E planning.

• Lead preparation of test execution including

• Participate in site pre-test coordination visits. Provide an in brief to the test site.

• Conduct Pre-Execution Brief to 01D leadership.

• Prepare library of data needed for test and arrange for its arrival at the test site.

• Ensure all deconfliction requirements are met prior to test execution in accordance with JFHQ DoDIN and Navy Cyber Defense Operations Command guidance

• Lead execution of cyber OT&E related test events as assigned supporting cooperative vulnerability penetration assessments and adversarial assessments in accordance with DoD guidance and the yber OT&E policies guidance and procedures.

• Coordinate with the OTD site personnel program office SMEs and supporting red teams.

• Ensure test are conducted safely and the policies are adhered to.

• Follow JFHQ-DODIN deconfliction procedures

• Verify collected data for accuracy and completeness.

• Conduct daily hotwashes during test and submit a daily summary report to the OTD and 01D leadership.

• Ensure all test objectives are completed

• Post-Test

• Support the Future Operations Officer during the post-test process to ensure traceability between test objectives collected data and post-test deliverables.

• Coordinate with the OTD to set up post-test meetings.

• Participate in post-test processes including data upload scoring board 01D Review Board CEWG SERB and E-SERB.

• Lead generation of final report products to ensure the information is technically accurate following the Cyber OT&E procedures and templates and with minimal administrative errors. This includes drafting of the Data Analysis Summary and Results Enclosure and reviewing Blue/Gold Sheets drafted by Red Team Operators.

What Youll Bring

Required Qualifications:

• Education & Experience:

• Bachelors degree in computer science cybersecurity or related technical degree OR minimum 5 years experience in DoD defensive or offensive cyberspace operations planning or exploitation analysis

• Technical Expertise:

• Proficiency in decomposing complex computer systems/networking configurations in support of system exploitation analysis

• Proficiency in Microsoft Office Applications (MS Visio Project Excel PowerPoint etc.)

• Ability to perform detail-oriented work quality assurance/quality control prior to delivery to the government.

• Excellent written and oral communications skills to support briefing senior leadership (O6/GS-15 or higher)

• Certifications:

• Eligible to obtain and keep active a DoD TS/SCI security clearance.

• Proficient with modern IT tools and infrastructure technologies

Preferred (Nice to Have):

• Knowledge of basic physical computer components and architectures including the functions of various components and peripherals (e.g. CPUs Ns data storage).

• Ability to create comprehensive exploitation strategies that identify exploitable technical or operational vulnerabilities.

• Ability to collaborate effectively with others.

• Ability to communicate complex information concepts or ideas in a confident and well-organized manner through verbal written and/or visual means.

• Knowledge of internet network addressing (IP addresses classless inter-domain routing TCP/UDP port numbering).

• Ability to identify/describe target vulnerability.

• Knowledge of a wide range of basic communications media concepts and terminology (e.g. computer and telephone networks satellite cable wireless).

• Knowledge of attack methods and techniques (DDoS brute force spoofing etc.).

• Knowledge of basic malicious activity concepts (e.g. foot printing scanning and enumeration).

• Knowledge of common networking devices and their configurations.

• Knowledge of concepts for operating systems (e.g. Linux Unix).

• Knowledge of data communications terminology (e.g. networking protocols Ethernet IP encryption optical devices removable media).

• Knowledge of how hubs switches routers work together in the design of a network.

• Knowledge of how internet applications work (Simple Mail Transfer Protocol (SMTP) email web-based email chat clients voice over IP).

• Knowledge of Internet and routing protocols.

• Knowledge of network security (e.g. encryption firewalls authentication honey pots perimeter protection).

• Knowledge of the basic structure architecture and design of modern communication networks.

• Skill in recognizing technical information that may be used for leads to enable remote operations (data includes users passwords email addresses IP ranges of the target frequency in DNI behavior mail servers domain servers SMTP header information).

• Knowledge of front-end collection systems including traffic collection filtering and selection.

• Perform analysis for SUT infrastructure exploitation activities.

• Collaborate with other internal and external partner organizations on target access and operational issues.

• Conduct analysis of physical and logical digital technologies (e.g. wireless supervisory control and data acquisition telecom) to identify likely avenues of access.

• Lead or enable exploitation operations in support of organization objectives and target requirements.

• Maintain awareness of advancements in hardware and software technologies (e.g. attend training or conferences reading) and their likely implications.

• Ability to accurately and completely source all data used in intelligence assessment and/or planning products.

• Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.

• Ability to evaluate analyze and synthesize large quantities of data (which may be fragmented and contradictory) into high quality fused targeting/intelligence products.

• Knowledge of both internal and external customers and partner organizations including information needs objectives structure capabilities etc.

• Knowledge of client organizations including information needs objectives structure capabilities etc.

• Knowledge of common reporting databases and tools.

• Knowledge of all relevant reporting and dissemination procedures.

• Knowledge of strategies and tools for target research.

• Knowledge of organizational and partner policies tools capabilities and procedures.

• Knowledge of organizational and partner authorities responsibilities and contributions to achieving objectives.

• Skill in creating plans in support of remote operations.

• Skill in generating test plans in support of mission requirements.

• Skill in analyzing network device configurations.

• Skill in assessing system under test security posture.

• Skill in documenting the execution and results in conducting a cyber OT&E event.

• Ability to incorporate the Red Team infrastructure and capabilities into OT&E test objective development.

• Knowledge of the basic structure architecture design and vulnerabilities of communications systems.

• Knowledge of virtualized and cloud-based systems.

Travel & Passport

• Some overnight stays possible.

Work Environment

• Compliance with vaccination and medical requirements for TDY/OCONUS roles as per Vaccine Recommendations by AOR .

Office setting:

• Primarily an office-based role in Norfolk VA

• Standard desk/computer work with flexibility for walking and movement on site

• Must be able to work in an office environment sitting at a desk looking at a computer for most of the workday.

• Work is physically comfortable; the employee has discretion about sitting walking standing etc.

• May be required to travel short distances to offices/conference rooms and buildings on site.

Background & Security

• Employment is contingent upon successful background investigation

• Drug screening may be required for federal contract compliance

Benefits & Perks

We believe in investing in our teamboth professionally and personally:

• Medical dental vision life accident and critical illness insurance

• 401(k) immediate vesting and match

• Paid time off and company holidays

• Generous tuition & training support

• Relocation assistance

• Sign-on and performance-based bonuses

• Employee referral program

• Access to Tickets at Work EAP wellness initiatives and more

Join Us

If youre driven by mission technology and teamworkwe want to hear from you. Cambridge is growing and this position is just one of many opportunities on our global team. Know someone perfect for the role Referrals are welcomeboth employees and non-employees may qualify for a bonus.

Apply today and help shape the future of secure cloud computing for national security.

About Cambridge International Systems

At Cambridge innovation grows through diversity. We are proud to be an equal opportunity employer committed to creating an inclusive and supportive work environment for all. Learn more at .