Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Vulnerability Analyst/Lead

Expired Job

Foxhole Technology Washington , DC 20002

Posted 3 months ago

The Vulnerability Analyst is responsible for performing vulnerability assessments and performing penetration testing. Supports Department level risk assessment and risk based decision making. Specific responsibilities include:
Serve as vulnerability management analyst as primary responsibility
Review Plan of Action and Milestone (POAM) data with PMO Branch
Perform information system security vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components
Perform compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings for networks, operating systems, applications, databases, and other information system components
Engage with stakeholders, to include IT professionals, management, and auditors, to facilitate vulnerability discovery and remediation
Recommend appropriate remedial actions to mitigate risks and ensure information systems employ appropriate level of information security controls
Validate remedial actions and ensure compliance with information security policy and regulatory requirements
Assist in development and implementation of an information security vulnerability management policies, procedures, and standards based on National Institute of Standards and Technology (NIST) 800-53 standards, best practices, and compliance requirements
Perform vulnerability management system administration functions, as required
Maintain proficiency in threat and vulnerability management best practices
Required Skills and Certifications:
Secret Clearance is the minimum. Top Secret a plus
Bachelors Degree
7-10 years experience or CERTS in lieu of experience
At least 3-5 years experience conduction vulnerability assessments.
Expertise in vulnerability management processes and network and web vulnerability scanning.
Required experience with HP Web Inspect v10.x.
Desirable hands-on experience with Tenable Nessus
Configure vulnerability assessment tools to perform vulnerability scanning on enterprise network.
Experience scanning web applications hosted internally and externally.
Experience troubleshooting issues arising from vulnerability scanning and serve as technical expert for vulnerability assessment tools.
Experience generating Vulnerability Management metrics and reports.
Familiarity with CSAM preferred
CEH, GIAC, Security +, other related certs
Desired Skills and Certifications:
Ability to draft reports and brief the customer on findings
Top Secret Clearance
Please visit our website for more info regarding Foxhole Technology open positions and our benefits we offer excellent benefits and professional development opportunities:

We sincerely appreciate your consideration of Foxhole Technology

Foxhole Technology is a Service Disabled Veteran Owned Small Business (SDVOSB) headquartered in Fairfax Virginia.

Skills:
Secret Security Clearance Required with capability to aquire Top Secret Clearance
Permanent
3 Years


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Cybersecurity Vulnerability Assessment Specialist

Csra Inc.

Posted 6 days ago

VIEW JOBS 12/5/2018 12:00:00 AM 2019-03-05T00:00 Primary Location Washington , DC United States Job Requisition RQ29767 Category Information Technology Apply Legacy CSRA employee login The Administrative Office of the United States Courts (AOUSC), Department of Technology (DTS) Information Technology Security Office (ITSO) provides IT security support services to court units (courts) within the Federal Judiciary and manages the Judiciary Information Technology Security Program (Program) in collaboration with local court units and AOUSC national program offices (NPOs). Court units primarily consist of Federal Appellate Courts, District Courts, Bankruptcy Courts, Probation Offices, and Pretrial Services Offices located across the United States and the U.S. Territories. ITSO provides court units and NPOs with services and support to assist with building and evolving their IT security programs. Identifying and managing IT security risks is an integral part of each security program. ITSO's goal is to ensure that court units and NPOs have the information necessary to make risk-based decisions with regard to the information systems supporting their mission and business functions Designs and develops new systems, applications, and solutions for external customer's enterprise-wide cyber systems and networks. Ensures system security needs established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning and provides analytical support for security policy development and analysis. Integrates new architectural features into existing infrastructures, designs cyber security architectural artifacts, provides architectural analysis of cyber security features and relates existing system to future needs and trends, embeds advanced forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integration and testing issues. May interface with external entities including law enforcement, intelligence and other government organizations and agencies. Required skills: Cyber Security Assessment Management (CSAM), Microsoft Office 365, OWASP ZAP Proxy, SQLmap, Metasploit Pro, WebInspect, Nmap, Nessus, Burp Suite, Wireshark, John The Ripper. DESIRED QUALIFICATIONS: BS or equivalent + 2 yrs related experience, or MS + 0 yrs experience For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training, and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs, and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class. Post date: December 3, 2018 Location - Thoroughfare (i.e. Street address): Washington , DC United States Location - Thoroughfare (i.e. Street address): Senior Cybersecurity Vulnerability Assessment Specialist CSRA December 3, 2018 The Administrative Office of the United States Courts (AOUSC), Department of Technology (DTS) Information Technology Security Office (ITSO) provides IT security support services to court units (courts) within the Federal Judiciary and manages the Judiciary Information Technology Security Program (Program) in collaboration with local court units and AOUSC national program offices (NPOs). Court units primarily consist of Federal Appellate Courts, District Courts, Bankruptcy Courts, Probation Offices, and Pretrial Services Offices located across the United States and the U.S. Territories. ITSO provides court units and NPOs with services and support to assist with building and evolving their IT security programs. Identifying and managing IT security risks is an integral part of each security program. ITSO's goal is to ensure that court units and NPOs have the information necessary to make risk-based decisions with regard to the information systems supporting their mission and business functions Designs and develops new systems, applications, and solutions for external customer's enterprise-wide cyber systems and networks. Ensures system security needs established and maintained for operations development, security requirements definition, security risk assessment, systems analysis, systems design, security test and evaluation, certification and accreditation, systems hardening, vulnerability testing and scanning, incident response, disaster recovery, and business continuity planning and provides analytical support for security policy development and analysis. Integrates new architectural features into existing infrastructures, designs cyber security architectural artifacts, provides architectural analysis of cyber security features and relates existing system to future needs and trends, embeds advanced forensic tools and techniques for attack reconstruction, provides engineering recommendations, and resolves integration and testing issues. May interface with external entities including law enforcement, intelligence and other government organizations and agencies. Required skills: Cyber Security Assessment Management (CSAM), Microsoft Office 365, OWASP ZAP Proxy, SQLmap, Metasploit Pro, WebInspect, Nmap, Nessus, Burp Suite, Wireshark, John The Ripper. DESIRED QUALIFICATIONS: BS or equivalent + 2 yrs related experience, or MS + 0 yrs experience Washington , DC United States * Csra Inc. Washington DC

Vulnerability Analyst/Lead

Expired Job

Foxhole Technology