Employee Type: Full-Time Location: Suffolk, VA Job Type: Cyber Security Assessor-Network Experience: 3 Years Clearance Type: TS/SCI AERMOR is seeking a highly skilled Cyber Security Assessor – Network. The ideal candidate will have a minimum of three (3) years’ experience in DoD Network Operations or IA operations. The assessor will be responsible for evaluating cybersecurity measures, conducting vulnerability assessments, and ensuring compliance with DoD security guidelines. This is not a remote position. Responsibilities: Ensure that the architecture and design of DoD information systems are both functional and secure. Conduct network security audits and scanning using automated tools (e.g., Security Content Automation Protocol (SCAP)) to identify vulnerabilities and streamline security processes. Perform vulnerability assessments on networks, applications, and operating systems. Identify critical flaws in applications and systems that cyber attackers could exploit. Design and develop IA or IA-enabled products, interface specifications, and security approaches as needed. Assess potential threats and security risks to the environment. Validate and refine security report findings to minimize false positives. Provide input on the adequacy of security designs and architectures (e.g., VoIP, client-server, access control, firewalls, DLP, virtualization, etc.). Participate in risk assessment and evaluation activities following post-inspection reviews. Prepare and present comprehensive Vulnerability Assessment Reports detailing findings and recommendations. Qualifications: Must have the ability to travel locally or internationally between sites, as necessary. Up to 50% of travel time. Associate’s degree in a related field or equivalent education, experience, and training. CCNA and additional IAT II certification required. 3 years’ experience in DoD Network Operations or IA operations. Strong knowledge of network security concepts, including routers, switches, VoIP, client-server architectures, access control, firewalls, DLP, and virtualization. Experience identifying vulnerabilities and mitigating cybersecurity threats. Proficiency in conducting vulnerability assessments on networks, applications, and operating systems. Hands-on experience using Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), and vulnerability checklists for compliance testing. Familiarity with automated/manual penetration testing techniques and tools to reduce false negatives and ensure robust security. Strong knowledge of data security administration principles, methods, and techniques. Understanding of domain structures, user authentication, and digital signatures.