Vulnerability Assessment Analyst

About The Position

Requirements

• Bachelor’s Degree in management or other relevant discipline preferred
• DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CySA+, GICSP, GSEC, Security+ CE, SSCP) required
• DoD 8570.01-M CSSP Auditor certification (CEH, CySA+, etc.) required
• 5+ years of professional experience in the required task area
• Experience with most MS Office applications (Word, Excel, PowerPoint, and Visio)
• Willingness to travel 25% of the time
• Willingness to support rotating shifts in a 24/7 operational environment and respond quickly to emergencies as needed
• Must be a US citizen
• Candidate must be in possession of a minimum DoD issued Secret Clearance
• Able to occasionally reach with hands and arms
• Prolonged periods of computer screen use, while sitting or standing at a desk
• Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.)
• Able to safely lift and carry up to 20 pounds at a time

Responsibilities

• Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM)
• Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture
• Perform and analyze vulnerability scans, currently utilizing Prisma and the Assured Compliance Assessment Solution (ACAS/Nessus) scanning tool
• Analyze correlated asset, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture
• Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation
• Support Anti-Malware program, forward alerts and warnings to customers, respond to customer malware reports and assist in implementing protective/anti- malware measures
• Assist with host-based security across the enterprise, currently utilizing DoD Endpoint Security Solutions (ESS), to include antimalware, host-based intrusion protection system, data loss prevention, and rogue system detection
• Generate vulnerability assessment reports for customers and escalate for further review
• Create, update, and manage queries and dashboards pertaining to Endpoint Security Solutions (ESS), ACAS, and related security tools
• Support Incident Response across the enterprise IAW DoD regulations and instructions
• Lead cyber events and incident investigations from start to conclusion, to include gathering data, analysis, and reporting
• Support DCO operations by mentoring and training junior DCO analysts
• Other duties as assigned

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Short Term & Long Term Disability
• Training & Development
• Wellness Resources