Nevada National Security Sites · 11 hours ago
Cyber Security Continuous Monitoring Supervisor (Supervisor II)
North Las Vegas, NV
Full-time
Onsite
Senior Level, Lead/Staff
$103K/yr - $166K/yr
8+ years expMission Support and Test Services, LLC (MSTS) manages and operates the Nevada National Security Site (NNSS) for the U.S. National Nuclear Security Administration (NNSA). They are seeking a Continuous Monitoring Team Supervisor to lead the Cyber Security Continuous Monitoring program, overseeing vulnerability scanning and remediation operations within an enterprise environment.
Government Administration
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Spearhead the continuous monitoring program across the organization's Information Technology and Operational Technology environments
Build and execute the roadmap for the program, develop metrics to measure the program, and aggressively drive the reduction of risks and vulnerabilities
Enforce continuous discovery, assessment, and remediation status of enterprise-wide assets
Oversee deployment of the monitoring infrastructure and improve visibility across on-premises and cloud infrastructure and endpoints
Develop a strategy to identify and prioritize a repeatable process to mitigate risks in the enterprise
Collaborate with system owners, ISSO's and other teams within the organization's IT division to identify, track, and remediate risks
Assess emergency threats for applicability and work with cross-functional teams to implement countermeasures and reduce the attack surface
Communicate the state of vulnerability management to stakeholders, developers, IT, and business leaders
Build and maintain dashboards that present actionable data to IT teams and IT leadership in an intuitive manner
Oversee the validation and testing of complex compliance audits and vulnerability plugins to ensure accuracy of the scan results
Communicate with the third-party vendors regarding issues with the scanning tools to ensure issues identified during the scanning process are troubleshooted and resolved
Assists with data calls, FISMA reporting, compliance scanning and reporting, continuous monitoring, and compiling reports for auditors
Contribute to an overall productive and respectful work environment by providing excellent customer service and working in a positive, collegial manner. Maintain cooperative and respectful working relationships with Cyber Security staff, other divisions, and other customers
Qualification
Required
Bachelors' degree or equivalent training and experience in a computer-related field and at least 8 years of related experience
Experience using MITRE ATT&CK framework
Knowledge of vulnerability management and scanning best practices such as CVE database and the CVSS System used for scoring vulnerabilities
Knowledge of network and application security principles such as OWASP Testing Guidelines, OWASP Application Security knowledge framework and ATT&CK framework
Knowledge of DHS Continuous Diagnostic and Mitigations (CDM) tools and reporting structures
Knowledge of scanning best practices for hardware and software asset management
Has command of a broad range of the most advanced cyber security principles, protocols, concepts, and theories in a broad range of disciplines
Ability to integrate work of specialized personnel to produce the desired results
Knowledge of network-based services and client/server applications, familiarity with intrusion detection systems, familiarity with network architecture and security infrastructure placement
Knowledge of vulnerabilities, mitigation strategies, network architecture, and how to apply security controls
Ability to analyze network traffic, identify misconfigurations of information systems and networks, troubleshoot security appliances, independently identify network and host security vulnerabilities
Understand the Windows operating system and command line tools, network protocols, and TCP/IP fundamentals
Ability to maintain strict confidentiality
Ability to communicate effectively in English, both verbally and in writing, sufficient to communicate with co-workers, customers, testify, write clear and concise reports, and collect information
Ability to use multiple electronic devices including standard office machines, cellular phones, and security appliances
Ability to articulate highly technical processes and information to a non-technical audience
Ability to meet the physical requirements necessary to perform all assigned duties safely and effectively
Ability to pass a federal background and obtain a 'Q' clearance
Must possess a valid driver's license
Preferred
GIAC Enterprise Vulnerability Assessor (GEVA)
GIAC Security Essentials (GSEC)
Certified Information Systems Security Professional (CISSP)
Benefits
Medical, dental, and vision
Both a pension and a 401k
Paid time off and 96 hours of paid holidays
Relocation (if located more than 75 miles from work location)
Tuition assistance and reimbursement
Company
Nevada National Security Sites
The Nevada National Security Sites help ensure the security of the United States and its allies by: supporting the stewardship of the nation’s nuclear deterrent; providing nuclear and radiological emergency response capabilities and training; contributing to key nonproliferation and arms control initiatives; executing national-level experiments in support of the National Laboratories; working with national security customers and other federal agencies on important national security activities; and providing long-term environmental stewardship of the NNSS’s Cold War legacy.
1001-5000 employees
Funding
Current Stage
Late StageLeadership Team
Melissa Biernacinski
Action Officer, Government/Customer Relations and Strategic Partnerships
Company data provided by crunchbase