As a Vulnerability Assessment Analyst (Database) - Mid, you will play a critical role in safeguarding the Department of Veterans Affairs (VA) digital assets.
Perform vulnerability scanning against databases for known vulnerabilities, security misconfigurations, and compliance-related requirements.
Scan Coordination
Coordinate CSOC-managed network scans with field points of contact
Review and verify hosts/ IPs to be scanned
Review and select appropriate scan policy(s)
Coordinate with network and team personnel
Scan Execution
Monitor/ coordinate/ react as required throughout the duration of the scan
Troubleshoot any issues that occur during the scan
Verify accuracy of data and conduct system checks as required upon completion of the scan
Develop new testing programs
Scan Reporting
Verify, update, create report templates
Produce Database Post Scan Findings Reports
Conduct quality assurance checks of final reports
Distribute reports
Scan Troubleshooting
Knowledge of common ports and port scanning
Support Windows, Unix, and Linux operating systems
Support coordinating and troubleshooting computer/network connection issues
Support database types to include but not limited to Microsoft SQL Server, Oracle, MySQL, PostgreSQL, MongoDB, AzureSQL, AWS RDS, Other Cloud PaaS Databases
Produce Database Scan Result Metrics to include program wide statistics and operational metrics collected over time. The statistics and operational metrics can be collected monthly, quarterly, and annually base on vulnerability posture. The Database Scan Result Metrics shall include but not limited to vulnerability counts, asset counts, and vulnerability criticality.
Manage and maintain backend system software.
Administer existing and future infrastructure including system maintenance and management.
Manage and maintain Government owned virtual machines (VM), operating systems, and applications.
Utilize the following current tools as required:
Support Windows, Unix, and Linux operating systems
VMWare
AppDetectivePro
DBProtect
Nessus/Tenable Scanning
NMAP
Database DISA STIG interpretation and expertise
Bachelor's degree in Cybersecurity, Information Technology, or related field
Experience with primarily Microsoft SQLServer and Oracle databases and must be proficient with AWS RDS, Azure SQL, and Postgre SQL
Proven experience in vulnerability scanning and security testing
In-depth knowledge of scanning tools (Tenable Security Center, Nessus Scanner, NMAP)
Strong analytical and problem-solving skills
Excellent communication and documentation abilities
Traditional and HSA- eligible medical insurance plans w/ Wellness Incentives for employees and family
100% employer-paid dental and vision insurance options
100% employer-sponsored STD, LTD, and life insurance
Veterans Cohort
Gym membership reimbursement
401(k) matching
Dollar-for-dollar 501(c)(3) donation matching
Flexible-schedules and teleworking options
Paid holidays and Flexible Paid Time Off
Adoption Expense Reimbursement
Paid Parental Leave
Professional development and career growth opportunities and paid training days
Employer-sponsored Employee Assistance Program for employee and family
Team and company-wide events, recognition, and appreciation-- and so much more!