ComTec Information Systems (IT) · 2 days ago
Nessus SME
ComTec Information Systems is seeking a Nessus Subject Matter Expert (SME) with specialized experience in Operational Technology (OT) security. The role involves leading vulnerability scanning, assessment, and mitigation efforts across IT and OT environments, requiring hands-on expertise with Tenable Nessus and a strong background in securing SCADA networks.
Information Technology, Software
Responsibilities
Serve as SME for Nessus and Nessus Professional/Tenable.sc scanning solutions in both IT and OT environments
Conduct vulnerability assessments on OT systems, including PLCs, RTUs, HMIs, and SCADA infrastructure, ensuring minimal operational impact
Configure and fine-tune scan policies for OT networks, balancing visibility with system safety and availability
Analyze scan results to identify vulnerabilities, misconfigurations, and compliance issues
Collaborate with OT engineers, IT security, and compliance teams to align scanning activities with operational safety and security objectives
Maintain a comprehensive inventory of OT assets and integrate vulnerability data with asset management systems when possible
Support segmentation, network mapping, and risk assessments for OT environments using Nessus and complementary tools
Develop and maintain detailed documentation on scan procedures, results, and mitigation strategies
Develop reporting and metrics that highlight OT-specific vulnerabilities, risk levels, and remediation progress
Stay informed of emerging threats, zero-days, and advisories relevant to OT (e.g., CISA ICS alerts, ISA/IEC 62443 standards)
Qualifications
Required
3+ years of experience configuring and implementing Tenable Nessus in enterprise environments for IT/OT vulnerability assessments
5+ years of experience with vulnerability management lifecycle and remediation tracking
Experience integrating Nessus/Tenable with asset discovery and monitoring tools (e.g., Nozomi, Claroty, Dragos, SCADAfence)
Experience with Tenable.sc or Tenable.io in hybrid OT/IT environments
Ability to script in Python, PowerShell, or Bash for automation and data processing
Knowledge of ICS protocols (e.g., Modbus, DNP3, BACnet, OPC, Profinet)
Familiarity with network segmentation, zone-based architecture, and secure remote access principles in OT
Strong understanding of CVEs, CVSS scoring, and vulnerability lifecycle management
Working knowledge of industry standards and guidelines: ISA/IEC 62443, NIST 800-82, NERC CIP, or equivalent
Strong interpersonal and communication skills to interface effectively with IT, OT, and executive stakeholders
Ability to work in sensitive, safety-critical environments where system availability is paramount
Strong analytical thinking with a detail-oriented and risk-focused mindset
Preferred
Experience in OT/ICS cybersecurity, particularly in sectors such as energy or critical infrastructure
Company
ComTec Information Systems (IT)
ComTec Information Systems is an information technology company specializing in JAVA, Oracle Fusion, and software application solutions.
Funding
Current Stage
Late Stage
Company data provided by Crunchbase