United Global Technologies
IT Security Vulnerability Assessment Specialist TopSecret Clearance required
United Global Technologies, Idaho Falls, Idaho, United States, 83401
Must have minimum active Top-Secret Clearance and be onsite in Idaho Falls, Idaho. NO EXCEPTIONS.IT Vulnerability Assessment Specialist
is an expert in vulnerability methodologies, assessments, incident response/remediation, and cybersecurity scanners/tools. Investigation and out-of-the-box thinking are key to this role.Responsibilities
Developing and executing the organization's continuous vulnerability assessment strategy.Measuring the effectiveness of defense-in-depth mechanisms against vulnerabilities and developing recommendations to remediate systemic security issues, level of threat, triage, and best practices.Configuring, operating, maintaining, and evaluating the effectiveness of vulnerability scanning and assessment toolsets.Monitoring, evaluating, and reporting on system/network misconfigurations, non-compliance, unauthorized assets, false positives, and baseline deviations.Assessing the level of risk introduced by vulnerabilities and developing remediation strategies.Investigating and analyzing cybersecurity incidents to ensure the appropriate response activities and mitigations are applied.Distributing periodic vulnerability assessment reports, summaries, notifications, and an annual vulnerability assessment scorecard to CIO leadership and IT stakeholders. Developing and maintaining documentation as it pertains to the use and operation of vulnerability assessment tools and methodologies (SOPs, assessment plans, test plans, etc.).Qualifications
Seven or more years of progressive, hands-on experience as a cybersecurity analyst, administrator, or engineer responsible for Enterprise vulnerability management toolsets (e.g., ACAS,
Tenable, Nessus , Rapid7, AppSpider, SCAP,
STIG
Viewer, etc.).Demonstrated proficiency and expertise in the following areas:Applying computer networking concepts, protocols, and security methodologies to Enterprise information systems.Developing and applying risk management methodologies and processes (e.g., methods for assessing and mitigating risk).Outside-of-the-box thinking and assessments for root cause analysis and remediation techniques.Securing and evaluating information systems for compliance with DISA STIGs.Excellent initiative, problem-solving, and analytical skills with an ability to work both independently and as a team.Excellent written, verbal, communication, presentation, and reporting skills.Shall meet the minimum credential requirements for a Cyber IT/Cybersecurity Workforce position as defined for Vulnerability Assessment Analyst.Intermediate Level.Education: Bachelor's degree from an accredited University; or Certifications: CompTIA Security+ ce; or GIAC Security Essentials Certification (GSEC); or Systems Security Certified Practitioner (SSCP).Desired Qualifications: Operating in a Cybersecurity Operations Center.Engineering/administering a variety of IT devices/tools such as Windows, Linux, Cisco, Citrix, VMWare, Active Directory, Splunk, ePO, Trellix, Tanium, Ivanti, Sentinel One, CrowdStrike, etc.Conducting penetration testing, packet inspection/analysis, malware detection, data loss prevention, incident response, forensics, etc.Security Clearance: The position requires an active Top Secret and/or SCI clearance with the ability to obtain and maintain a Counterintelligence (CI) Polygraph.Onsite in Idaho Falls, Idaho.
#J-18808-Ljbffr
is an expert in vulnerability methodologies, assessments, incident response/remediation, and cybersecurity scanners/tools. Investigation and out-of-the-box thinking are key to this role.Responsibilities
Developing and executing the organization's continuous vulnerability assessment strategy.Measuring the effectiveness of defense-in-depth mechanisms against vulnerabilities and developing recommendations to remediate systemic security issues, level of threat, triage, and best practices.Configuring, operating, maintaining, and evaluating the effectiveness of vulnerability scanning and assessment toolsets.Monitoring, evaluating, and reporting on system/network misconfigurations, non-compliance, unauthorized assets, false positives, and baseline deviations.Assessing the level of risk introduced by vulnerabilities and developing remediation strategies.Investigating and analyzing cybersecurity incidents to ensure the appropriate response activities and mitigations are applied.Distributing periodic vulnerability assessment reports, summaries, notifications, and an annual vulnerability assessment scorecard to CIO leadership and IT stakeholders. Developing and maintaining documentation as it pertains to the use and operation of vulnerability assessment tools and methodologies (SOPs, assessment plans, test plans, etc.).Qualifications
Seven or more years of progressive, hands-on experience as a cybersecurity analyst, administrator, or engineer responsible for Enterprise vulnerability management toolsets (e.g., ACAS,
Tenable, Nessus , Rapid7, AppSpider, SCAP,
STIG
Viewer, etc.).Demonstrated proficiency and expertise in the following areas:Applying computer networking concepts, protocols, and security methodologies to Enterprise information systems.Developing and applying risk management methodologies and processes (e.g., methods for assessing and mitigating risk).Outside-of-the-box thinking and assessments for root cause analysis and remediation techniques.Securing and evaluating information systems for compliance with DISA STIGs.Excellent initiative, problem-solving, and analytical skills with an ability to work both independently and as a team.Excellent written, verbal, communication, presentation, and reporting skills.Shall meet the minimum credential requirements for a Cyber IT/Cybersecurity Workforce position as defined for Vulnerability Assessment Analyst.Intermediate Level.Education: Bachelor's degree from an accredited University; or Certifications: CompTIA Security+ ce; or GIAC Security Essentials Certification (GSEC); or Systems Security Certified Practitioner (SSCP).Desired Qualifications: Operating in a Cybersecurity Operations Center.Engineering/administering a variety of IT devices/tools such as Windows, Linux, Cisco, Citrix, VMWare, Active Directory, Splunk, ePO, Trellix, Tanium, Ivanti, Sentinel One, CrowdStrike, etc.Conducting penetration testing, packet inspection/analysis, malware detection, data loss prevention, incident response, forensics, etc.Security Clearance: The position requires an active Top Secret and/or SCI clearance with the ability to obtain and maintain a Counterintelligence (CI) Polygraph.Onsite in Idaho Falls, Idaho.
#J-18808-Ljbffr