Orion Consortium
ISSE 1 - Vulnerability Assessment Analyst
Orion Consortium, Annapolis, Maryland, United States, 21403
Key Responsibilities:
• Maintain and optimize the Tenable Security Center infrastructure.• Conduct regular security patching, assessments and scans on Linux Security Center servers using Tenable Nessus.• Mitigate STIGS/Vulnerabilities on Tenable Linux Security Center Servers and Windows/Linux Nessus Scanning Servers.• Install and update Tenable Nessus Software on Linux/Windows Scanning Servers.• Install and update Tenable Security Center Software on Linux Servers.• Configure and fine-tune scanning policies and asset lists to ensure thorough vulnerability coverage.• Keep abreast of the latest Tenable Security Center features and updates.• Perform regular vulnerability assessments of multiple device types and Operating Systems using Tenable Security Center.• Utilize Nessus Scanning Tool to identify vulnerabilities across customer assets on a Continuous Monitoring basis.• Review Nessus/ACAS scan results and provide direction where required.• Recognizes potential, successful, and unsuccessful scan results for efficiency in reporting compromises thorough reviews and analyses of relevant event detail and summary information.• Analyze scan results and generate comprehensive vulnerability reports.• Monitor and track vulnerability remediation progress.• Collaborate with ISS and other teams to ensure timely vulnerability remediation.• Communicate effectively with stakeholders about the security posture and potential risks.• Prepare and deliver clear and concise reports to management and stakeholders.• Maintain accurate records of security incidents and vulnerabilities.
Mandatory Skills:Familiarity with DISA STIGs, Tenable Audit files, and / or CIS BenchmarksHands-on operational experience with enterprise vulnerability management and scanning solutions, such as TenableKnowledge of system and application security threats and vulnerabilitiesWorking knowledge of networking, Linux/Unix, Windows administration, patch deployment and system configuration
Desired Skills:In-depth knowledge of vulnerability assessment methodologies, tools, and best practicesSelf-starter, ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finishStrong analytical and problem-solving abilities, with a keen attention to detail
Certification Required:IAT Level 1 or higher level certification.
Education/Experience:HS or GED - 11 YearsBachelors - 7 Years
TS/SCI w/ FS Polygraph Required.
Position requires a TS/SCI.
• Maintain and optimize the Tenable Security Center infrastructure.• Conduct regular security patching, assessments and scans on Linux Security Center servers using Tenable Nessus.• Mitigate STIGS/Vulnerabilities on Tenable Linux Security Center Servers and Windows/Linux Nessus Scanning Servers.• Install and update Tenable Nessus Software on Linux/Windows Scanning Servers.• Install and update Tenable Security Center Software on Linux Servers.• Configure and fine-tune scanning policies and asset lists to ensure thorough vulnerability coverage.• Keep abreast of the latest Tenable Security Center features and updates.• Perform regular vulnerability assessments of multiple device types and Operating Systems using Tenable Security Center.• Utilize Nessus Scanning Tool to identify vulnerabilities across customer assets on a Continuous Monitoring basis.• Review Nessus/ACAS scan results and provide direction where required.• Recognizes potential, successful, and unsuccessful scan results for efficiency in reporting compromises thorough reviews and analyses of relevant event detail and summary information.• Analyze scan results and generate comprehensive vulnerability reports.• Monitor and track vulnerability remediation progress.• Collaborate with ISS and other teams to ensure timely vulnerability remediation.• Communicate effectively with stakeholders about the security posture and potential risks.• Prepare and deliver clear and concise reports to management and stakeholders.• Maintain accurate records of security incidents and vulnerabilities.
Mandatory Skills:Familiarity with DISA STIGs, Tenable Audit files, and / or CIS BenchmarksHands-on operational experience with enterprise vulnerability management and scanning solutions, such as TenableKnowledge of system and application security threats and vulnerabilitiesWorking knowledge of networking, Linux/Unix, Windows administration, patch deployment and system configuration
Desired Skills:In-depth knowledge of vulnerability assessment methodologies, tools, and best practicesSelf-starter, ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finishStrong analytical and problem-solving abilities, with a keen attention to detail
Certification Required:IAT Level 1 or higher level certification.
Education/Experience:HS or GED - 11 YearsBachelors - 7 Years
TS/SCI w/ FS Polygraph Required.
Position requires a TS/SCI.