Catapult Federal Services is seeking a Network Vulnerability Assessment Engineer to perform comprehensive network vulnerability assessments. The role involves executing assessments, identifying vulnerabilities, and producing detailed reports to communicate findings and risks to clients.
Responsibilities:
- Responsible for the end-to-end execution and delivery of enterprise-scale network vulnerability assessments
- Conduct comprehensive network reconnaissance to identify and profile assets within scope – including live hosts, services, and operating system characteristics
- Construct accurate asset inventories using standardized methodologies and validate against client-provided documentation
- Document assumptions, exclusions, and limitations to ensure transparent scoping for assessment execution
- Perform structured vulnerability identification through systematic scanning of network devices, servers, and security appliances
- Validate automated findings manually to reduce false positives
- Correlate findings with known threat intelligence and asset criticality
- Conduct enterprise password security audits as part of the assessment:
  - Evaluate domain and local account policies, including complexity, history, reuse, and lockout settings
  - Assess account privilege distribution (e.g., domain admins vs. standard users) and service account hygiene
  - Analyze password strength metrics derived from credential hashes or policy configurations
- Design and execute targeted password recovery campaigns using a range of advanced techniques:
  - Brute-force attacks
  - Dictionary-based attacks
  - Mask attacks
  - Hybrid attacks
  - Markov chain-based probabilistic attacks
- Prioritize recovered credentials by privilege level and assess associated risk
- Produce client-ready vulnerability assessment reports that clearly convey:
  - Executive-level risk summary, including visualized severity distribution and business impact
  - Technical findings with context: methodology, proof-of-concept examples, and remediation guidance
  - Prioritized action items tied to asset criticality (e.g., patch immediately vs monitor)
- Ability to present findings through structured debrief sessions – tailoring content and depth for technical teams and executive leadership
Requirements:
- U.S. Citizenship is Required
- 3 to 5 years of related work experience in the following areas: Vulnerability assessment and vulnerability management, Network security engineering, Penetration testing, Infrastructure or network engineering with security responsibilities
- CompTIA Security+ -- foundational knowledge of network security, threat management, and vulnerability processes
- Certified Ethical Hacker (CEH) -- understanding of attacker methodologies for identifying system weaknesses
- GIAC Vulnerability Assessment (GVA) -- expertise in scanning, analysis, prioritization, and remediation
- Demonstrable hands-on experience conducting network assessments: identification, scanning, triage and validation
- Experience with password auditing and recovery techniques (including mask, hybrid, and Markov approaches)
- Familiarity with Windows/Linux security internals, Active Directory, network protocols (TCP/IP, DNS, Kerberos), and common vulnerability classes
- Strong documentation skills – able to produce accurate, clear, and structured reports for both technical and non-technical audiences
- Understanding of scope, authorization boundaries, and ethical principles
- 5 to 8 years related work experience, including: Delivery of complex, multi-system vulnerability assessments, Participation in or leadership of enterprise vulnerability management programs, Development of assessment playbooks, templates, or validation procedures
- Hold at least one core industry-recognized certification: Certified Information Systems Security Professional (CISSP), GIAC Penetration Tester (GPEN), Offensive Security Certified Professional (OSCP), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA)
- Demonstrate hands-on experience performing vulnerability assessments across: Network infrastructure (routers, firewalls, switches), On-premises and cloud servers (Windows, Linux, cloud workloads), Security control platforms (e.g., WAFs, IDS/IPS, endpoint security)
- Exhibit attention to detail, analytical problem-solving abilities, and clarity in technical communication