POSITION: Cyber Security Vulnerability Management Analyst

LOCATION:  Stafford, VA.

STATUS: Contingent on Contract Award

CLEARANCE: Public Trust Moderate or Higher

 

Cask is a leading Management Consulting firm specializing in delivering business and technical expertise to clients across commercial and government markets. Join the many happy employees at Cask! We have been named a top 5 firm to work for by Consulting Magazine for 5 of the past 6 years.

 

Position Summary:

As the Cyber Security Vulnerability Management Analyst, you will be responsible for providing operational management of vulnerability scanners within the enterprise. In order to proactively address IT security, you will conduct vulnerability scans, analysis, and reporting on systems, applications, and networks,

 

 

Responsibilities:

 

·       Provide operation and management functions of vulnerability scanners to include OS and scanning software patching, secure configuration management, lifecycle management, architecture changes, and troubleshooting.

·        Conduct vulnerability scans utilizing Tenable.sc/Nesses, Tenable.IO Web application scanner, and Tanium).

·       Monitor scans for any full or partial scan failures.  Resolve any identified failures.

·        Perform investigations of reported false positives and false negatives, including opening support cases with the scanner vendors to support and resolve such issues

·        Provide operation and management functions of Tripwire and perform enterprise-wide detection of server configuration changes using Tripwire

·       Prepare a report monthly of analysis of security configuration management following the common vulnerability reporting framework.

·       Prepare a report to ISSO bi-monthly of any suspicious system changes.

·        Provide a summary of vulnerability scanning efforts and metrics as part of the MPPR monthly.

 

 

Experience:

·       Minimum of five (5) years’ of demonstrated experience in vulnerability management.

·       Minimum of five (5) years’ of demonstrated experience performing vulnerability/risk analysis of computer systems and applications.

·       Demonstrated working experience performing Tenable.sc/Nesses scans.

·       Demonstrated working experience in the operation of Tripwire.

·       Demonstrated working experience using Tanium and Microsoft Configuration Manager

·       Excellent oral and written communication skills with a keen sense of customer service

 

Education, Certification, and Licensing Requirements:

·       BS in Computer Science, IT, IS, or equivalent area of technical study (IT experience can substitute for a BS degree)

·       One of the following certifications or equivalent certifications. (CASP+, CYSA+, CEH)

·       Active Public Trust Moderate, or the ability to attain.

·       Must successfully complete a background investigation.

 

Cask is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, among other things, or status as a qualified individual with a disability.

 

EEO Employer/Vet/Disabled

This position has been filled. Would you like to see our other open positions?