Leidos · 2 days ago
Vulnerability Analyst
Wonder how qualified you are to the job?
ComputerGovernment
Insider Connection @Leidos
Responsibilities
Provide policy guidance for 4300A updates.
Create and maintain SOPs and guidance documents as needed.
Provide training to new VAT personnel as needed.
Provide Swimlane admin assistance for FISMA List maintenance.
Deliver all requested work products by agreed upon due dates and deadlines.
Create and publish security related alerts, bulletins, and notifications to all DHS components based on identified software and hardware vulnerabilities and monitor for compliance.
Continuously perform and distribute research on emerging threats to the environment in order to disseminate the information to all stakeholders, immediately assess the known environment for presence of the vulnerability, and work with the NOSC and enterprise networking teams to proactively block exploitation within the DHS environment.
Support Vulnerability Tracking and Reporting.
Support NOSC enclave, HSEN, and RTIC through conducting scheduled and ad-hoc vulnerability scanning.
Employ ad-hoc or emergency VA scanning to support targeted incident investigation, escalation and emergency response to security events in accordance with documented procedures.
Coordinate with Component security staff to explain findings, provide recommendations on mitigations, and advocate for mitigation of vulnerabilities.
Conduct, operates, and maintains assessments and the resulting Vulnerability Assessment (VA) data and reports.
Conduct Host-based and Network Vulnerability Assessments.
Conduct Database Vulnerability Assessments.
Conduct Web-based Vulnerability Assessments.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
BS degree in Science, Technology, Engineering, Math or related field and 4-8 years of prior relevant experience with a focus on cybersecurity
At least two years of direct experience in vulnerability assessment/management
Familiar with the management, operational, and technical aspects of IT Security in a complex environment
Experience working with industry-standard cybersecurity methodologies and processes
Advanced knowledge of TCP/IP protocols
Experience configuring and implementing various technical security solutions
Substantial experience managing vulnerability/compliance scans using Nessus
At least one of the following certifications: SANS GIAC: GCIA, GMON, GCDA GPEN, GEVA, GWAPT, GSNA, GISF, GAWN, GXPN, GWEB; Offensive Security: OSCP, OSCE, OSWP, OSEE; ISC2: CISSP; EC Council: CEH
Department of Homeland Security (DHS) Entry on Duty (EOD) is required to support this program
Preferred
Previous experience working in a DHS or other federal government agency SOC/NOC/NOSC environment
Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
Company
Leidos
Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health.
Funding
Current Stage
Public CompanyTotal Funding
unknown2013-09-17IPO· nyse:LDOS
Leadership Team
Recent News
2024-04-26
2024-04-12
Company data provided by crunchbase