Job details
Company
Peraton
Location
Hesse, Germany
Employment type
Full-time
Primary category
IT Operations
Posted date
2 Apr 2026
Valid through
Job description
Responsibilities
Peraton is seeking to hire an experienced Cyber Threat Analyst – Assessment for its' Regional Cyber Center-Europe program.
Location: On-site, Wiesbaden, Germany
Possibility of 2nd and 3rd Shift work
Responsibilities:
- Conduct vulnerability assessments and penetration tests against USAREUR-AF network infrastructure, endpoints, and applications in support of CSSP assessment missions (NAVs and PPTs)
- Perform web application security testing using OWASP methodology and tools including Burp Suite and OWASP ZAP, identifying and validating vulnerabilities across mission partner web services
- Execute Active Directory and Linux security assessments to identify privilege escalation paths, credential exposure risks, and lateral movement opportunities within target environments
- Utilize penetration testing frameworks including Metasploit and Burp Suite to safely exploit validated vulnerabilities and demonstrate risk to mission owners in a controlled manner
- Document all assessment findings in structured reports, including vulnerability descriptions, evidence screen-shots, CVSS risk ratings, and actionable remediation recommendations
- Support mission owners and network defenders with post-assessment remediation guidance, answering technical questions and providing clarification on findings to facilitate effective risk reduction
#RCC-E
Qualifications
Required:
- 5 years of penetration testing or vulnerability assessment experience with a Bachelor’s degree in a STEM field or Business Administration; 11 years of relevant experience may substitute for degree
- Must meet TESA Qualifications.
- DoD 8140 - Cybersecurity (Vulnerability Analyst) - Intermediate
- Certifications — must hold active certifications (one of the following):
- TCM Security PNPT; OR
- HTB CPTS (Hack The Box Certified Penetration Testing Specialist); OR
- Zero Point Security RTO (Red Team Ops); OR
- OSCP (Offensive Security Certified Professional); OR
- OSCE (Offensive Security Certified Expert); OR
- GPEN (GIAC Penetration Tester); OR
- GWAPT (GIAC Web Application Penetration Tester); OR
- GAWN (GIAC Assessing and Auditing Wireless Networks); OR
- GXPN (GIAC Exploit Researcher and Advanced Penetration Tester); OR
- GWEB (GIAC Certified Web Application Defender)
- U.S. citizenship required
- Active DoD TS/SCI clearance or higher
Preferred:
- Hands-on experience with Metasploit Framework for vulnerability exploitation and post-exploitation activities
- Proficiency with Burp Suite Pro for manual and automated web application security testing
- Familiarity with OWASP ZAP for web vulnerability scanning and validation
- Experience with Nmap and Nessus/OpenVAS for network discovery and vulnerability scanning
- Working knowledge of BloodHound for Active Directory enumeration and attack path analysis
- Scripting proficiency in Python, Bash, or PowerShell for custom tool development and test automation
- Familiarity with vulnerability scoring frameworks (CVSS) and risk-based reporting methodologies
- Experience with vulnerability management platforms (e.g., Tenable.sc, Rapid7 InsightVM)
Peraton Overview
Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.