Testpros - Portsmouth, VA

posted about 1 month ago

Full-time - Mid Level
Remote - Portsmouth, VA
Professional, Scientific, and Technical Services

About the position

The Cyber Security Engineer - Vulnerability Management at TestPros is responsible for engaging in enterprise and system-level cybersecurity tasks, focusing on vulnerability management and compliance with various cybersecurity policies and standards. This role involves monitoring vulnerabilities, supporting the Plan of Actions and Milestones (POA&M) program, and developing security-related documentation. The position requires a strong understanding of cybersecurity practices and tools, as well as effective communication with project stakeholders.

Responsibilities

  • Conduct reviews of NIST, OMB, DHS, DoD, FISMA policies, mandates, and vendor publications related to enterprise technologies and recommend changes to organizational policy and procedures.
  • Support authoritative order review, research, impact assessment, distribution, compliance determination, tracking, and reporting.
  • Monitor identified vulnerabilities throughout their lifecycle from discovery to mitigation using ACAS, HBSS, STIG Viewer or other industry tools.
  • Support the Plan of Actions and Milestones (POA&M) program to ensure customer systems have accurately and fully provided information for POA&M activities.
  • Support the collection and use of data for the Information Assurance Vulnerability Management (IAVM) Program using various security tools.
  • Develop and implement hardware and software evaluation (sandboxing) capability and procedures prior to introduction to network computing environment.
  • Support security impact analysis and risk management decision cycle.
  • Provide detailed security-related reports including data, analyses, and conclusions upon completion of tests, scans, and assessments.
  • Lead and/or participate in the development of information system security policy and standards, including writing guidelines, standards, procedures, and other technical documentation.
  • Maintain communication with project-level stakeholders and manage project scope and expectation.

Requirements

  • U.S. citizenship
  • Active DoD Secret Clearance
  • Bachelor's degree or higher in an Information Technology field or equivalent work experience
  • Possession of one of the following IAT Level II Security Certifications: CCNA Security, CySA+, GICSP, GSEC, Security+ (SEC+ CE), CND, SSCP

Nice-to-haves

  • Experience with Security Automation Framework (SAF) tools and scripting in Ruby

Benefits

  • Competitive salary
  • Medical/dental/vision insurance
  • Life insurance
  • Paid time off
  • Paid holidays
  • 401(k) retirement plan with company match
  • Opportunities for professional growth
  • Cell phone discounts
Job Description Matching

Match and compare your resume to any job description

Start Matching
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service