Vulnerability Analyst #2018-227

Defense Point Security Arlington , VA 22202

Posted 2 months ago

Do you want to work for a company that is passionate about security and has a fun, start-up culture with large company perks? Do you want to be in an environment where you will continuously learn new skills, grow and take on new opportunities due to the abundance of new projects on the horizon?

If you answered yes to these questions, this opportunity could be for you!

Defense Point Security is currently seeking a Vulnerability Analyst in Arlington, VA.

Job Responsibilities:

  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk

  • Operate and maintain a suite of vulnerability scanning tools such as Retina, Nessus, DBProtect, WebInspect and IP360

  • Research, analyze, design, test, and implement new or vendor-supplied security software solutions

  • Provide up-to-date documentation and procedures on security software product administration

  • Analyze scan results, prioritize, identify solutions and make recommendations based on the analysis

  • Examine data from multiple disparate sources with the goal of providing new insight

  • Design and implement custom algorithms, flow processes for data sets used for modeling, data mining, and research purposes

  • Make recommendations regarding the selection of cost-effective compensating security controls based on NIST 800-37 to mitigate risk

  • Develop follow-up action plans to resolve reportable issues, and communicate with the other technologists to address security threats and vulnerabilities

  • Regularly develop new use cases for automation and tuning of security tools

  • Contribute to security strategy and security posture by identifying security gaps, evaluate and implement enhancements

Job Requirements:

  • This position requires US Citizenship due to our Federal contractual obligation

  • Bachelor's Degree in Information Systems, or related discipline

  • 2 years experience in network security and information security policies

  • Experience with log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, VPN technologies and encryptions standards

  • GCIH, CEH or similar industry certification preferred

Job Location: Arlington, VA

Position Type: FullTime/ Regular

Security Clearance:

To see other locations please see the Information Security Career Menu on defpoint.com

Defense Point Security is an IT Security Consulting firm specializing in government-focused security solutions. Our goal is to provide expert IT security services to our clients while cultivating information security knowledge among all employees for the advancement of cyber security. Defense Point Security offers a competitive employment package including medical, vision, and dental insurance (among others).

Defense Point Security offers a competitive benefits package to include:

  • Medical, Dental, Vision Insurance Premiums are 100% paid by DPS for employee and eligible dependents

  • Personal Accident Insurance paid by DPS

  • Life Insurance paid by DPS

  • Short and Long Term Disability Insurance paid by DPS

  • 401k Contribution Matching and 100% vested after 90 days

  • Flexible Spending Accounts

  • Commuter Assistance

  • Paid Time Off starting at 3 weeks a year (15 days)

  • 10 paid Federal Holidays

  • Capital BikeShare Membership for DC Metro Area

  • Reimbursement for qualifying training expenses

  • Flexible / Alternative Work Schedules

Defense Point Security is an Equal Opportunity / Affirmative Action Employer. We are committed to hiring and retaining a diverse Community workforce. DPS gives equal consideration to all qualified candidates without regard to race, color, religion, creed, gender identity, national origin, sex, pregnancy, marital status, age, sexual orientation, disability, veteran status, or any other protected class.


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Acas Vulnerability Analyst
New!

Gcyber

Posted Today

VIEW JOBS 11/16/2018 12:00:00 AM 2019-02-14T00:00 Do you have an <strong>active DoD security clearance</strong>, IT experience, and a passion for the Cyber Security field?  This may be the position for you.<br /> <br /> <strong>GCyber</strong> is seeking an ACAS Vulnerability Analyst.  The ACAS Vulnerability Analyst will be a key team member on this highly visible, critical program that bridges DoD and DHS programs, and will be joining a team of highly respected technical professionals. <br /> The analyst will;<br /> -Complete tasks designed to ensure the security of our customer’s systems and information assets.<br /> -Help protect against unauthorized access, modification, or destruction of systems and data.<br /> -Work in a team environment to address the information assurance needs of the organization and its customers.<br /> -Implement policies and procedures, and tracks compliance throughout the enterprise.<br /> <br /> <strong>Qualifications\Responsibilities</strong><br /> *Day-to-day Responsibilities:<br /> Perform vulnerability scans and audits on USCG sites’ systems to support CCRIs as the USCG technical representative<br />  <br /> Perform vulnerability scans on USCG public-facing website applications and report results to developers for remediation and/or mitigation<br />  <br /> Maintain and administer enterprise-wide ACAS system, performing vulnerability scanning and reporting<br />  <br /> Utilize automated scanning tools and a host of security-related, web based applications, to report, identify and track assets’ vulnerabilities throughout the systems lifecycle<br />  <br /> Ensure information assurance for devices on the Enterprise Networks (SIPR & NIPR) utilizing tools such as Assured Compliance Assessment Solution (ACAS), Tenable Nessus, HBSS, and Continuous Monitoring and Risk Scoring (CMRS)<br />  <br /> Conduct operating system, application, and database vulnerability assessments on various Information Systems as part of the Independent Verification and Validation scanning program and Certification and Accreditation process for enterprise systems<br />  <br /> Conduct vulnerability and compliance scans, resolve connection and access issues to ensure accurate scan data, analyzes vulnerability assessment data, creates reports, supports USCG Command Cyber Readiness Inspections (CCRI), and assists the Blue Team security assessment efforts<br />  <br /> Perform Tenable Security Center and stand-alone Nessus Web Client administration; routine software/hardware maintenance<br />  <br /> Provide ACAS customer support for the entire USCG organization; create and manage ACAS user accounts, monitor reoccurring monthly scans, configure Security Center asset lists, scan policies, reports and unique dashboards highlighting critical vulnerabilities and provide trend analysis; troubleshot and resolve customer issues and/or concerns, and provide ACAS training<br />  <br /> Analyze network security posture, implement various Information Assurance (IA) security controls, DISA Security Technical Implementation Guidelines (STIG), DHS directives, NIST security configuration checklists and security updates to systems and software to meet United States Cyber Command (USCYBERCOM) Information Assurance Vulnerability Management (IAVM) alert Communications Tasking Orders (CTO) and DHS Information Security Vulnerability Management (ISVM) alerts and policies; Create vulnerability risk assessment reports providing justification for USCG sites Authority to Operate (ATO) in accordance with FISMA and C&A requirements to include: DoD IAVM and Task Order compliance tracking through the Vulnerability Management System (VMS)<br />  <br /> Manage Tenable’s SecurityCenter and Nessus software used for the DoD Assured Compliance Assessment Solution (ACAS)<br />  <br /> *Job Requirements (include min. years of exp, and specific technical tools, certifications):<br /> Must have Active Secret DOD clearance<br /> Must be DoD 8570 IAT-II with CEH Certification – Required within 30 days of hire.<br /> Bachelor's Degree and 5 years Vulnerability Assessment Team or relative IT experience required (or additional 6 years’ experience to replace Bachelor's)<br /> DoD/DHS experience is desired, but not required<br /> Must be proficient with ACAS, HBSS, Nessus, MS Office<br /> Must be a team player, eager to assist colleagues and government staff with handling evolving priorities and multiple tasks<br /> Must have the ability to work in a dynamic environment and meet projected suspense dates<br /> <br /> <br /> <br /> <strong><em>What you will love about us</em></strong><br /> At GCyber we are a small company with a significant impact.  Every day we help our customers secure key infrastructure critical to our national defense.  Our staff are committed to this mission and constantly strive to find more innovative and efficient ways to maximize these protections while enabling critical operations.<br /> -<em>Health Benefits </em>– Medical with HSA and FSA options, dental, and vision<br /> -<em>Prepare for the unexpected</em> – Paid short and long-term disability and life insurance<br /> -<em>Plan for your future</em> – 401K with company match<br /> -<em>Don’t sweat the commute</em> – Public transportation and parking benefits<br /> -<em>Rest and Relaxation</em> – 15 days of personal time off and 10 paid holidays<br /> -<em>Great company culture</em> – Fun, inclusive, supportive, collaborative & meaningful Gcyber Alexandria VA

Vulnerability Analyst #2018-227

Defense Point Security