Logo
EMTAK LLC

Vulnerability Assessment Analyst GW - TS/SCI Poly Required

EMTAK LLC, Annapolis, MD


The Vulnerability Assessment Analyst shall:
• Maintain and optimize the Tenable Security Center infrastructure.
• Conduct regular security patching, assessments and scans on Linux Security Center servers using Tenable Nessus.
• Mitigate STIGS/Vulnerabilities on Tenable Linux Security Center Servers and Windows/Linux Nessus Scanning Servers.
• Install and update Tenable Nessus Software on Linux/Windows Scanning Servers.
• Install and update Tenable Security Center Software on Linux Servers.
• Configure and fine-tune scanning policies and asset lists to ensure thorough vulnerability coverage.
• Keep abreast of the latest Tenable Security Center features and updates.
• Perform regular vulnerability assessments of multiple device types and Operating Systems using Tenable Security Center.
• Utilize Nessus Scanning Tool to identify vulnerabilities across customer assets on a Continuous Monitoring basis.
• Review Nessus/ACAS scan results and provide direction where required.
• Recognizes potential, successful, and unsuccessful scan results for efficiency in reporting compromises thorough reviews and analyses of relevant event detail and summary information.
• Analyze scan results and generate comprehensive vulnerability reports.
• Monitor and track vulnerability remediation progress.
• Collaborate with ISS and other teams to ensure timely vulnerability remediation.
• Communicate effectively with stakeholders about the security posture and potential risks.
• Prepare and deliver clear and concise reports to management and stakeholders.
• Maintain accurate records of security incidents and vulnerabilities.

Mandatory Skills:
  • Familiarity with DISA STIGs, Tenable Audit files, and / or CIS Benchmarks
  • Hands-on operational experience with enterprise vulnerability management and scanning solutions, such as Tenable
  • Knowledge of system and application security threats and vulnerabilities
  • Working knowledge of networking, Linux/Unix, Windows administration, patch deployment and system configuration
  • CEH, Security+
  • Bachelors Degree + 7 years technical experience. Four years of experience can be substituted for degree.
Desired Skills:
  • In-depth knowledge of vulnerability assessment methodologies, tools, and best practices
  • Self-starter, ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finish
  • Strong analytical and problem-solving abilities, with a keen attention to detail