Gray Tier Technologies
Senior Scanner/ Analyst
Gray Tier Technologies, Leesburg, Virginia, United States, 22075
Gray Tier Technologies is seeking a Sr. Scanner/Analyst to join our growing team in support of a Security Operations Center on a newly awarded contract. The ideal candidate will have experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).Responsibilities
Provide onsite and remote vulnerability scanning and assessment capabilities as a sustained, full-time program independent of incident detection, recovery, or reporting activities.Work with system owners, system developers, and/or system administrators to holistically examine the security vulnerability findings and assessments of their systems through a review of the security scans reports, as requested.Coordinate with the Government to use these findings to inform, expand, or focus vulnerability scanning and monitoring efforts.Create and maintain a method of tracking and reporting on trends identified in the vulnerability assessment process to improve the efficiency or reduce the cost of delivery of the service.Document, maintain, and update processes and procedures for performing and conducting vulnerability scanning, vulnerability analyses, and risk assessments of FAA/DOT systems and networks.Provide documentation, maintenance, and update of processes and procedures of Government-furnished vulnerability assessment tools and penetration testing tools.Ensure all staff are trained and knowledgeable of the vulnerability scanning and penetration testing tools and in the ability to assess vulnerability scan findings.Document vulnerability mitigation processes and procedures as a result of vulnerability findings and risk assessments for FAA/DOT systems and networks, as defined by FAA Policy and Procedures.Document processes and procedures for reporting newly discovered (zero-day) vulnerabilities.Ensure all vulnerability scanning tools and subsystems maintained by FAA SOC are deployed and maintained in accordance with FISMA and NIST assessment and authorization standards.Qualifications
The ideal candidate will have experience leading a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).Minimum ten (10) years IT experience.Experience with vulnerability assessment tools including Web Inspect, Nessus and/or Found Scan.Experience working in a SOC-type environment.May be exposed to dust/dirt, humidity, and noise.
#J-18808-Ljbffr
Provide onsite and remote vulnerability scanning and assessment capabilities as a sustained, full-time program independent of incident detection, recovery, or reporting activities.Work with system owners, system developers, and/or system administrators to holistically examine the security vulnerability findings and assessments of their systems through a review of the security scans reports, as requested.Coordinate with the Government to use these findings to inform, expand, or focus vulnerability scanning and monitoring efforts.Create and maintain a method of tracking and reporting on trends identified in the vulnerability assessment process to improve the efficiency or reduce the cost of delivery of the service.Document, maintain, and update processes and procedures for performing and conducting vulnerability scanning, vulnerability analyses, and risk assessments of FAA/DOT systems and networks.Provide documentation, maintenance, and update of processes and procedures of Government-furnished vulnerability assessment tools and penetration testing tools.Ensure all staff are trained and knowledgeable of the vulnerability scanning and penetration testing tools and in the ability to assess vulnerability scan findings.Document vulnerability mitigation processes and procedures as a result of vulnerability findings and risk assessments for FAA/DOT systems and networks, as defined by FAA Policy and Procedures.Document processes and procedures for reporting newly discovered (zero-day) vulnerabilities.Ensure all vulnerability scanning tools and subsystems maintained by FAA SOC are deployed and maintained in accordance with FISMA and NIST assessment and authorization standards.Qualifications
The ideal candidate will have experience leading a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).Minimum ten (10) years IT experience.Experience with vulnerability assessment tools including Web Inspect, Nessus and/or Found Scan.Experience working in a SOC-type environment.May be exposed to dust/dirt, humidity, and noise.
#J-18808-Ljbffr