Vulnerability Assessment Analyst - Senior jobs in United States
info-icon
This job has closed.
company-logo

CriticalSolutions, LLC · 22 hours ago

Vulnerability Assessment Analyst - Senior

positionAshburn,VA,US
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$106K/yr - $136K/yr
date10+ years exp

Critical Solutions is seeking a Senior Vulnerability Assessment Analyst to support our federal customer in Ashburn, VA. The role involves leading the Vulnerability Analysis function, conducting vulnerability assessments, and providing recommendations on mitigations to enhance the security posture of the agency.

Cloud SecurityCyber SecurityIntrusion DetectionNetwork Security
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Lead the Vulnerability Analysis function of the overall Vulnerability Assessment Team, working with the Vulnerability Management function and Penetration Testing function under a unified Vulnerability Assessment Lead
Create and publish security-related alerts, bulletins, advisories, and notifications to all Agency's components based on identified software and hardware vulnerabilities and monitor for compliance
Continuously research emerging threats to the environment in order to disseminate the information to all stakeholders, immediately assess the known environment for presence of the vulnerability, and work with the NOSC, Enterprise VAT, and enterprise networking teams to proactively block exploitation within the Agency's environment
Conduct scheduled and ad-hoc vulnerability/compliance scanning
Create and maintain scans in support of continuous scanning requirements for various FISMA systems
Employ ad-hoc or emergency vulnerability/compliance scanning to support targeted incident investigation, escalation, and emergency response to security events in accordance with documented procedures
Coordinate with NOSC cybersecurity leadership and FISMA system ISSOs and system owners to explain findings, provide recommendations on mitigations, and advocate for mitigation of vulnerabilities
Track and trend vulnerabilities for HQ NOSC to assess and depict risk posture
Correlate CISA KVEs and incorporate into NOSC scanning as applicable
Conduct, operate, and maintain vulnerability/compliance assessments and the resulting data and reports
Conduct Host-based and Network Vulnerability Assessments
Conduct Database Vulnerability Assessments
Conduct Web-based Vulnerability Assessments
Author and maintain SOPs and runbooks
Other duties as assigned

Qualification

Vulnerability AssessmentTenable NessusTCP/IP ProtocolsCybersecurity MethodologiesLinux Operating SystemWindows Operating SystemSplunkSwimlaneAxoniusMITRE ATT&CK

Required

Must be US Citizen and and must be able to obtain and maintain an Entry on Duty (EOD) clearance
Bachelors' degree from an accredited college in IT, cybersecurity, computer science, or related field, or equivalent experience/combined education, with 12 years of professional experience; or a Masters' degree with 10-13 years of professional experience
At least six years of direct experience in vulnerability assessment/management
Familiar with the management, operational, and technical aspects of IT Security in a complex environment
Experience working with industry-standard cybersecurity methodologies and processes
Advanced knowledge of TCP/IP protocols
Experience configuring and implementing various technical security solutions
Substantial experience managing vulnerability/compliance scans using Tenable Nessus and/or Security Center
Expert in Nessus Manager
Expert in Tenable.io

Preferred

Experience working in cyber operations, particularly for a federal government customer
Experience supporting large and diverse cybersecurity environments
Moderate proficiency in Splunk
Familiarity with Swimlane
Familiar with basic functions of Axonius
Understanding of MITRE ATT&CK and various attack and defense methodologies
Expertise in Linux and Windows operating systems
Experience with supporting ATO audits, FISMA compliance, and other ISSO functions

Benefits

100% premium coverage for Medical, Dental, Vision, and Life Insurance
Supplemental Insurance
401K matching
Flexible Time Off (PTO/Holidays)
Higher Education/Training Reimbursement
And more.

Company

CriticalSolutions, LLC

twittertwittertwitter
company-logo
Critical Solutions, LLC specializes in providing cyber security services to the Federal Government.
dateFounded in 2011
location
Pasadena, Maryland, USA
people-size11-50 employees
web-link
https://www.criticalsolutionsit.com

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Suong Nguyen
CEO/Principal Consultant
linkedin
Company data provided by crunchbase