POSITION: Cyber Security Vulnerability Management Subject Matter Expert (SME)

LOCATION:  Stafford, VA.

STATUS: Contingent on Contract Award

CLEARANCE: Public Trust Moderate or Higher

 

Cask is a leading Management Consulting firm specializing in delivering business and technical expertise to clients across commercial and government markets. Join the many happy employees at Cask! We have been named a top 5 firm to work for by Consulting Magazine for 5 of the past 6 years.

 

Position Summary:

As the Cyber Security Vulnerability Management Subject Matter Expert (SME) you will be responsible for conducting vulnerability assessments, identifying, tracking, remediating, and reporting vulnerabilities in systems, applications, and networks within the Forestry Services (FS) CIO Enterprise environment.  This requires that the SME have extensive knowledge of the Forestry Services technical environment and be able to utilize existing and emerging hardware and software asset management tools.

 

 

Responsibilities:

 

·        Identify, analyze, track, and remediate vulnerabilities and flaws affecting the FS CIO Enterprise

·        Maintain and monitor vendor alerts mailboxes and subscriptions for vulnerability notifications

·       Create Change Requests (CR)/remediation release requests in system of record and track the change through to completion

·       Maintain the vulnerability tracking database/spreadsheet.

·       Generate monthly reporting of the agencies vulnerability risk exposure to include vulnerability reporting from Federal Risk and Authorization Management Program (FedRAMP) certified Cloud providers

·       Generate and publish additional vulnerability reports and metrics

·       Provide monthly remediation status report

·       Define requirements for vulnerability reports and coordinate with USDA Information Security Center (ISC) regarding requirements for automated reports

·       Support transition from manual vulnerability tracking to use of automated tools including Splunk and the CDM Dashboard.

·       Maintain vulnerability management meeting minutes

 

Experience:

·       Minimum of five (5) years’ of demonstrated experience in vulnerability management.

·       Minimum of five (5) years’ of demonstrated experience performing vulnerability/risk analysis of computer systems and applications.

·       Hands on knowledge of the Forestry Services technical environment within the FS CIO Enterprise.

·       Demonstrated working experience performing Tenable.sc/Nesses scans.

·       Demonstrated working experience in the operation and configuration of SPLUNK solutions.

·       Demonstrated working experience using Tanium and Microsoft Configuration Manager

·       Working knowledge of Continuous Diagnostics and Mitgation (CDM) Dashboard.

·       Excellent oral and written communication skills with a keen sense of customer service

 

Education, Certification, and Licensing Requirements:

·       BS in Computer Science, IT, IS, or equivalent area of technical study (IT experience can

·       substitute for a BS degree)

·       One of the following certifications or higher (CASP+, CYSA, CISSP)

·       Active Public Trust Moderate, or the ability to attain.

·       Must successfully complete a background investigation.

 

Cask is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, among other things, or status as a qualified individual with a disability.

 

EEO Employer/Vet/Disabled

This position has been filled. Would you like to see our other open positions?