Synertex LLC
Computer Network Defense (CND) Vulnerability Assessment Specialist
Synertex LLC, Springfield, Virginia, us, 22161
Description
Clearance: TS/SCI with polygraph
Synertex is hiring for a
Computer Network Defense (CND) Engineer
to support our government customer based in Springfield, VA. The position requires to be onsite.
Benefits include PTO, paid Government Holidays, a 401k with 6% matching and an inclusion in our employee profit sharing program.
Responsibilities:Developing and executing the organization's continuous vulnerability assessment strategy.Measuring the effectiveness of defense-in-depth mechanisms against vulnerabilities and developing recommendations to remediate systemic security issues.Configuring, operating, maintaining, and evaluating the effectiveness of vulnerability scanning and assessment toolsets.Monitoring, evaluating, and reporting on system/network misconfigurations, non-compliance, unauthorized assets, false positives, and baseline deviations.Assessing the level of risk introduced by vulnerabilities and developing remediation strategies.Investigating and analyzing cybersecurity incidents to ensure the appropriate response activities and mitigations are applied.Distributing periodic vulnerability assessment reports, summaries, notifications, and an annual vulnerability assessment scorecard to CIO leadership and IT stakeholders.Developing and maintaining documentation as it pertains to the use and operation of vulnerability assessment tools and methodologies (SOPs, assessment plants, test plants, etc.)Requirements
ExperienceSeven or more years of progressive, hands-on experience as a cybersecurity analyst, administrator, or engineer responsible for Enterprise vulnerability management toolsets (e.g., ACAS, Tenable, Nessus, Rapid7, AppSpider, SCAP, STIG Viewer, etc.).Demonstrated proficiency and expertise in the following areas:Applying computer networking concepts, protocols, and security methodologies to Enterprise information systems.Developing and applying risk management methodologies and processes (e.g., methods for assessing and mitigating risk).Securing and evaluating information systems for compliance with DISA STIGs.Excellent initiative, problem-solving, and analytical skills with an ability to work both independently and as a team.Excellent written, verbal, communication, presentation, and reporting skills.Shall meet the minimum credential requirements for a Cyber IT/Cybersecurity Workforce (CSWF) position as defined for Vulnerability Assessment Analyst (541) Intermediate Level.
Education
Bachelor's degree from an accredited University; or
Education
CompTIA Security+ ce; orGIAC Security Essentials Certification (GSEC); orSystems Security Certified Practitioner (SSCP)
Desired Qualifications
Operating in a Cybersecurity Operations Center.Engineering/administering a variety of IT devices/tools such as Windows, Linux, Cisco, Citrix, VMWare, Active Directory, Splunk, ePO, Trellix, Tanium, Ivanti, Sentinel One, CrowdStrike, etc.Conducting penetration testing, packet inspection/analysis, malware detection, data loss prevention, incident response, forensics, etc.
Clearance: TS/SCI with polygraph
Synertex is hiring for a
Computer Network Defense (CND) Engineer
to support our government customer based in Springfield, VA. The position requires to be onsite.
Benefits include PTO, paid Government Holidays, a 401k with 6% matching and an inclusion in our employee profit sharing program.
Responsibilities:Developing and executing the organization's continuous vulnerability assessment strategy.Measuring the effectiveness of defense-in-depth mechanisms against vulnerabilities and developing recommendations to remediate systemic security issues.Configuring, operating, maintaining, and evaluating the effectiveness of vulnerability scanning and assessment toolsets.Monitoring, evaluating, and reporting on system/network misconfigurations, non-compliance, unauthorized assets, false positives, and baseline deviations.Assessing the level of risk introduced by vulnerabilities and developing remediation strategies.Investigating and analyzing cybersecurity incidents to ensure the appropriate response activities and mitigations are applied.Distributing periodic vulnerability assessment reports, summaries, notifications, and an annual vulnerability assessment scorecard to CIO leadership and IT stakeholders.Developing and maintaining documentation as it pertains to the use and operation of vulnerability assessment tools and methodologies (SOPs, assessment plants, test plants, etc.)Requirements
ExperienceSeven or more years of progressive, hands-on experience as a cybersecurity analyst, administrator, or engineer responsible for Enterprise vulnerability management toolsets (e.g., ACAS, Tenable, Nessus, Rapid7, AppSpider, SCAP, STIG Viewer, etc.).Demonstrated proficiency and expertise in the following areas:Applying computer networking concepts, protocols, and security methodologies to Enterprise information systems.Developing and applying risk management methodologies and processes (e.g., methods for assessing and mitigating risk).Securing and evaluating information systems for compliance with DISA STIGs.Excellent initiative, problem-solving, and analytical skills with an ability to work both independently and as a team.Excellent written, verbal, communication, presentation, and reporting skills.Shall meet the minimum credential requirements for a Cyber IT/Cybersecurity Workforce (CSWF) position as defined for Vulnerability Assessment Analyst (541) Intermediate Level.
Education
Bachelor's degree from an accredited University; or
Education
CompTIA Security+ ce; orGIAC Security Essentials Certification (GSEC); orSystems Security Certified Practitioner (SSCP)
Desired Qualifications
Operating in a Cybersecurity Operations Center.Engineering/administering a variety of IT devices/tools such as Windows, Linux, Cisco, Citrix, VMWare, Active Directory, Splunk, ePO, Trellix, Tanium, Ivanti, Sentinel One, CrowdStrike, etc.Conducting penetration testing, packet inspection/analysis, malware detection, data loss prevention, incident response, forensics, etc.