Vulnerability Management Analyst

Cyber Security Innovations - Suitland, MD

posted 5 days ago

Full-time
Suitland, MD
Telecommunications

About the position

The Vulnerability Management Analyst will support a government client by reviewing security scanning outputs to identify vulnerabilities and trends, developing remediation strategies, and coordinating with various stakeholders to enhance the efficiency of the remediation process. This role involves direct outreach and support for vulnerability remediation actions, contributing to the maturity of the client's internal processes and demonstrating value to the contract.

Responsibilities

  • Applying analytical and computational techniques to identify problems and recommend solutions.
  • Performing enterprise-wide strategic systems planning and business analysis.
  • Conducting process and data modeling using manual and automated tools.
  • Providing technical guidance in software engineering techniques and automated support tools.
  • Reviewing weaknesses in security tools to identify common vulnerabilities and developing remediation strategies.
  • Analyzing vulnerability data from multiple sources and technologies to recommend efficient remediation methods.
  • Assisting in improving and automating existing vulnerability management lifecycles.
  • Partnering with security tools and technology teams to enhance application configurations.
  • Providing support for scanning and vulnerability remediation reporting issues.
  • Leveraging Continuous Monitoring dashboards to correlate data across information systems.
  • Identifying process improvements for the client's Continuous Monitoring Program.
  • Assisting in understanding and prioritizing security risks across the enterprise.
  • Coordinating with the Enterprise ISSO to document remediation strategies and milestones.
  • Providing analysis and validation post-remediation and identifying opportunities for improvement.
  • Reviewing data feeds to report on critical weaknesses affecting the enterprise.
  • Correlating weaknesses documented as system level POA&Ms to determine the need for Program Level POA&Ms.

Requirements

  • Must be a US Citizen with suitable eligibility for Public Trust position.
  • Bachelor's degree in a related field.
  • Must have and maintain at least one of the following certifications: CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA.
  • Must reside within a commutable distance of Camp Springs, MD to work onsite 1 day/week.
  • Demonstrated understanding of technical concepts focusing on cloud computing, automation, networking, systems administration, and information security best practices.
  • Previous experience with cloud solutions in AWS, MS Azure GovCloud, MS Office 365, or Google Services.
  • Experience with technology solutions built using Windows, CentOS, Red Hat Enterprise Linux Server, ExtremeXOS, or Ubuntu.
  • Experience using tools like Tenable.io, Nexus IQ Server, Splunk Enterprise, PrismaCloud, or CloudCheckr.
  • Experience analyzing data from security scanning tools such as Tenable.io, Qualys Guard, or Nexpose.
  • Ability to work efficiently in a dynamic environment.
  • Working knowledge of the NIST SP 800-37 Risk Management Framework.
  • Strong communication skills in both formal and informal situations.
  • Ability to adapt to an Agile environment and deliver quality work under tight deadlines.
  • Strong analytical and critical thinking skills.

Nice-to-haves

  • AWS, Azure or Google Cloud Certification (Preferred)

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service