Apply on Employer Site

Edgewater Federal Solutions, Inc. · 2 weeks ago

Vulnerability Analyst Lead

Bethesda, MD

Full-time

Onsite

Senior Level, Lead/Staff

8+ years exp

Edgewater Federal Solutions is a privately held government contracting firm located near Frederick, MD, seeking a Vulnerability Management Lead. The role involves overseeing vulnerability detection and remediation, providing subject matter expertise in cybersecurity, and managing a Fortune 100 level Vulnerability Management Program.

Information ServicesInformation TechnologyProfessional Services

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Extensive knowledge and hands-on experience with a variety of Vulnerability Management Tools such as Tenable, DB Protect, Netsparker, Qualys, etc

Expert knowledge of the Vulnerability Management lifecycle

Proven track record of designing, implementing, and managing a Fortune 100 level Vulnerability Management Program

Strong knowledge of networking, operating systems, databases, and web applications

Strong knowledge of cybersecurity operations (Cyber Threat Intelligence, Penetration testing, & Incident Response)

Deep knowledge and experience of performing both manual and automated asset discovery and enumeration

Deep knowledge and experience of systematic and data-driven asset prioritization

Expert knowledge and successful application of risk management frameworks

Qualification

Vulnerability Management ToolsVulnerability Management lifecycleCybersecurity operationsRisk management frameworksEnterprise Vulnerability managementInformation security certificationsWindows EndpointsServerUnix/LinuxWeb Application securityProject ManagementCustomer serviceVerbalPublic speakingData analysis skillsTroubleshooting skillsMS Office proficiencyProblem-solving capabilitiesWritten communication

Required

Extensive knowledge and hands-on experience with a variety of Vulnerability Management Tools such as Tenable, DB Protect, Netsparker, Qualys, etc

Expert knowledge of the Vulnerability Management lifecycle

Proven track record of designing, implementing, and managing a Fortune 100 level Vulnerability Management Program

Strong knowledge of networking, operating systems, databases, and web applications

Strong knowledge of cybersecurity operations (Cyber Threat Intelligence, Penetration testing, & Incident Response)

Deep knowledge and experience of performing both manual and automated asset discovery and enumeration

Deep knowledge and experience of systematic and data-driven asset prioritization

Expert knowledge and successful application of risk management frameworks

Ability to obtain a Public Trust clearance

Passion for learning about current and emerging information security threats and vulnerabilities

Strong understand of Enterprise Vulnerability management

A love for identifying gaps, providing solutions, and improving existing processes

Ability to collaborate with other teams to improve security across an enterprise

Strong Project Management skills

Previous leadership experience

Strong customer service focus to meet the needs of internal and external customers

Professional, pleasant, and polished demeanor

Strong problem-solving capabilities and the ability to effectively communicate solutions

Excellent verbal and written communication skills

Ability to build strong relationships with stakeholders at all levels

Strong public speaking and presentation skills

Experience and comfort leading large meetings

8 or more years of professional work experience with at least 5 specialized in cyber security

Bachelor's degree (additional years of experience in cyber security and/or military experience may reduce this educational requirement)

One or more certifications in information security (such as Sec+, CEH, CISSP, SSCP, etc.)

Demonstrated expertise with Windows Endpoints and Server

Demonstrated expertise with Unix/Linux

Demonstrated expertise with macOS

Demonstrated expertise with IOS

Demonstrated expertise with Android

Troubleshooting skills

Data analysis skills

Strong cyber security knowledge and experience to include: Host security (Such as Tenable)

Strong cyber security knowledge and experience to include: Web Application security (Such as NetSparker)

Strong cyber security knowledge and experience to include: Secure OS baselines (CIS, STIG, etc.)

Proficient in MS Office (Word, PowerPoint, Excel)

Preferred

Experience with and/or knowledge of: Hardening AWS, GCP, and Azure clouds

Experience with and/or knowledge of: GitHub Enterprise

Experience with and/or knowledge of: Administering Symantec Data loss prevention

Experience with and/or knowledge of: Hardening Dev/Sec/Ops Pipelines and Developer workflows

Experience with and/or knowledge of: Static Application Security Testing (SAST)

Experience with and/or knowledge of: Dynamic application security testing (DAST)

Experience with and/or knowledge of: Interactive application security testing (IAST)

Experience with and/or knowledge of: Runtime application self-protection (RASP)

Experience with and/or knowledge of: Microsoft Power Query, Power Charts, etc

Experience with and/or knowledge of: SPL queries and building Splunk Dashboards

Experience with and/or knowledge of: Database Security Vulnerability and Compliance (Such as DbProtect)

Company

Edgewater Federal Solutions, Inc.

Edgewater Federal Solutions was founded in 2002 with the mission of being the best IT consulting company possible for our government clients, our contracting partners and our employees.

Founded in 2002

Ijamsville, Maryland, USA

501-1000 employees