Jobs
>
Washington, D.C.

    Vulnerability Assessment Engineer - Washington, United States - ShorePoint

    ShorePoint
    ShorePoint Washington, United States

    2 weeks ago

    Default job background
    Description

    Job Description

    Job DescriptionSalary:

    Who we are:

    ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a "work hard, play hard" mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.

    The perks:

    As recognized members of the Cyber Elite, we work together in partnership to defend our nation's critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

    Who we're looking for:

    We are seeking a Vulnerability Assessment Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Vulnerability Assessment Engineer will perform comprehensive assessments that produces actionable security recommendations that are tailored to the assessed environment, to include vulnerability assessment and vulnerability management. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies' culture.

    What you'll be doing:

    • Work closely with target organizations to ensure full comprehension of the standard security controls; conduct site visits as required
    • Assist with security controls compliance assessments using established matrixes of tailored control and provide expert support in assessments of target organizations
    • Provide support to Vulnerability Management programs
    • Provide support to assessed organizations to ensure proper tracking of Plan of Action and Milestone (POA&M) items
    • Provide support and conduct annual reviews of the security controls (or some subset of the security controls) to ensure continued compliance as requested
    • Assist with establishing footholds on endpoints within monitored organizations networks to provide day-to-day visibility into the security posture
    • Provide expert support for the development and maintenance of develop of processes and best-practices for evaluating A&A data through a standard scorecard
    • Utilize industry standard tools for automating the review of system configuration and security control compliance
    • Conduct periodic NIST controls assessments in support of network authorization and continuous monitoring
    • Provide detailed observations from controls assessments in the form of Security Assessment Report (SAR) and Risk Assessment Report (RAR) documents
    • Employ a scan-patch-scan methodology to ensure all systems identify and receive appropriate security patches
    • Conduct vulnerability scanning using industry standard tools (e.g., Tenable Nessus) on a weekly to bi-weekly basis
    • Report scan result data to appropriate system administrators to aid in the deployment of system updates and patches
    • Develop a mitigation plan detailing a prioritized timeline for patch deployment (e.g., day patch deadlines based on each finding's severity level)
    • Conduct false positive analysis and vulnerability analysis to determine the legitimacy of all detected vulnerabilities as well as prioritize their remediation
    • Configure the identified application to effectively ingest, process, and report vulnerability data collected during assessments as well as data provided from organizations' self-assessments
    • Conduct long term trend analysis, identifying improvements or degradations in system security posture across the enterprise
    • Provide dashboard views of data roll-ups from all facets of assessed systems (e.g., risk, vulnerability data, POA&M status) to present high-level executive summary reports to government leadership

    What you need to know:

    • Ability to conduct Vulnerability Assessments using industry tools - NESSUS, Tenable, etc. Experience with Tenable or ) in an enterprise environment highly preferred.
    • Experience in vulnerability management strategies, standards, procedures and technologies across infrastructure and application-level vulnerabilities.
    • Experience scanning Windows, RHEL and Centos Operating Systems and troubleshooting scans, to include the ability to communicate with customers daily describing the results of scans
    • Experience scanning Virtual environments to include VMware vSphere infrastructures,
    • Network devices, Databases (Oracle, MSSQL, MySql, Postgres), and websites web with
    • Intermediate to advanced knowledge of the following platforms in an enterprise environment: Windows and RHEL, routing, switching, IDS, IPS, Firewalls
    • An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, application flow charting, and session analysis.

    Must have's:

    • Bachelors in Cybersecurity, Computer Science/Electrical Engineering, Engineering, or IT
    • Top Secret with SCI eligibility and ability to pass a Counterintelligence (CI) polygraph
    • Shall possess one or more of the following certifications: (ISC)2 Certified Information Security Professional (CISSP), ISACA Certified Information Systems Auditor (CISA), SANs GIAC certification (e.g., GPEN or GW APT), and EC-Council Certified Ethical Hacker (CEH)

    Beneficial to have the following:

    • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
    • Comprehensive knowledge in the one or more of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security
    • Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including rev 5 and the ATO process
    • Ability to research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits

    Where it's done:

    • Washington, D.C
  • ShorePoint

    Vulnerability Assessment Engineer

    1 week ago

    ShorePoint Washington, United States

    Job Description · Job DescriptionSalary: · Who we are: · ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security mode ...

  • Soft Tech Consulting

    Cybersecurity System Assessment Engineer

    3 weeks ago

    Soft Tech Consulting Alexandria, United States

    Overview · Soft Tech Consulting is seeking a highly motivated, self-directed individual to fill the role of a Cybersecurity System Assessment Engineer for an existing government client. The place of performance for this contract is in Northern VA. · MUST HAVE TOP SECRET CLEARAN ...

  • Leidos

    Naval Architect

    3 weeks ago

    Leidos Washington, United States

    **Description** · Leidos | Gibbs & Cox, is the largest independent naval architecture and marine engineering firm in the United States. Since our founding in 1929, 24 classes of combatants and nearly 7,000 vessels have been built to Gibbs & Cox designs. We proudly support militar ...

  • Leidos

    Naval Architect

    3 weeks ago

    Leidos Washington, United States

    **Description** · Gibbs & Cox, a wholly owned subsidiary of Leidos, is the largest independent naval architecture and marine engineering firm in the United States. Since our founding in 1929, 24 classes of combatants and nearly 7,000 vessels have been built to Gibbs & Cox designs ...

  • DC Public Schools

    Engineering Teacher @ Anacostia Hs Sy 24-25

    1 week ago

    DC Public Schools Washington, United States

    We are looking for a highly motivated and skilled **Engineering Teacher** to join our team at Anacostia High School located within the District of Columbia Public Schools (DCPS). We seek individuals who are passionate about transforming the DC school system and making a significa ...

  • Tyto Athene

    Vtc Subject Matter Expert

    3 weeks ago

    Tyto Athene Washington, United States

    Tyto Athene is seeking a **VTC Subject Matter Expert** to support our offices in DC and VA. · **What You Will Be Doing** · - Develop IDP's by successfully emulating, adapting and replicating current client design rules. The SME, on occasion may be required to produce and/or modif ...

  • US Customs and Border Protection

    Physical Scientist

    3 weeks ago

    US Customs and Border Protection Washington, United States

    **Duties**: · This position starts at a salary of $139, GS-14, Step 1) to $181, GS-14, Step 10). · This position is located in Laboratories and Scientific Services (LSS), Interdiction Technology Branch (ITB), within the Operations Support Office (OS) of Customs and Border Protect ...

  • Advanced Decision Vectors, LLC

    Communications Associate

    2 weeks ago

    Advanced Decision Vectors, LLC Washington, United States

    **Advanced Decision Vectors, LLC (ADV), **established in 2009, provides superior program management, program support, strategic planning, and systems engineering to the Federal and Commercial sectors. Located in Alexandria, Virginia, ADV is a Small Disadvantaged Business (SDB) co ...

  • Veracity Engineering

    Infosec/cybersecurity Specialist

    1 week ago

    Veracity Engineering Washington, United States

    **WHAT THE POSITION ENTAILS**: · In 2013, the National Airspace System (NAS) was identified through Presidential Executive Order 13636 "Improving Critical Infrastructure Cybersecurity" as a national Critical Infrastructure and Key Resource (CIKR) for which a cyber-attack could ha ...

  • WILLCOR Inc

    Cybersecurity Rmf Analyst

    1 week ago

    WILLCOR Inc Washington, United States

    **Job Title**: Cybersecurity RMF Analyst · **Location**: DC/Navy Yard (Telework is acceptable) · **Required Clearance**: Secret · **Salary**: Negotiable · **Description**: · **Key Responsibilities**: · Serve as a Cybersecurity RMF Analyst / Information Systems Security Officer (I ...

  • Chevo Consulting

    Cpic/portfolio Analyst

    1 week ago

    Chevo Consulting Washington, United States

    **Duties and Responsibilities**: · - Support annual program assessments, evaluating shortcomings and developing recovery plans using modern techniques. · - Utilize IT reporting system, INVEST, to manage IT Investment reporting and assist managers by giving updates on the IT budge ...

  • RealPage, Inc.

    Field Project Manager

    2 weeks ago

    RealPage, Inc. Washington, United States

    **SUMMARY** · Whitesky Communications partners with student housing, luxury apartments, hotels, adult living, and assisted living/hospitals to provide bulk Internet, Cable, and Voice services. · As a Project Manager, reporting to the Director of Project Management, you will be re ...

  • Bay Atlantic University

    Dean for Information Sciences and Engineering

    2 weeks ago

    Bay Atlantic University Washington, United States

    **Position Title: Full-Time Faculty, Dean for Information Sciences and Engineering** · **Department**:Academic Office **Reports To**: Chief Academic Officer · **Primary Location**: Washington, DC **FLSA Classification**: Non-Exempt · **Parameters**: Full-time; 12 months/year **Pa ...

  • TekSynap

    Information Systems Security Officer

    3 weeks ago

    TekSynap Washington, United States

    Responsibilities & Qualifications: · **RESPONSIBILITIES** · The Information Systems Security Officer is expected to be able to: · - Support Engineering and Operations network solutions and strategic adherence to all aspects of the Information Assurance (IA) program as stipulated ...

  • Tech-Marine Business, Inc.

    Shipboard Systems Expert

    3 weeks ago

    Tech-Marine Business, Inc. Washington, United States

    Overview: · **_ COMMITMENT. EXCELLENCE. INTEGRITY._** · **_ · Our Mission Statement_** · - TMB will strive to be the best Employee-Owned Business contributing to our National Defense._ · - We are committed to providing meaningful work, fair compensation, benefits that support a w ...

  • Washington Metropolitan Area Transit Authority

    Trainee - Rail Traffic Controller

    2 weeks ago

    Washington Metropolitan Area Transit Authority Washington, United States

    Job Description**THIS JOB POSTING IS BEING UTILIZED TO DEVELOP A ROBUST PIPELINE OF QUALIFIED CANDIDATES TO ADDRESS FUTURE OPPORTUNITIES FOR THIS POSITION. SUCCESSFUL PASSING OF A PRE-EMPLOYMENT ASSESSMENT WILL BE REQUIRED**. · **Minimum Qualifications** · **Education** · - High ...

  • SecuriGence LLC

    Engineering Lead

    1 week ago

    SecuriGence LLC Washington, United States

    **Job Title**: Engineering Lead · **Location**: Washington, DC Metropolitan area. Remote / Hybrid possibility · **Clearance Level**: Public Trust · **Summary** · We deliver essential technology services to our customers in support of their missions to sustain the national securit ...

  • Precise Systems

    Awards Analyst

    2 weeks ago

    Precise Systems Washington, United States

    As a solutions-based company, Precise Systems is focused on innovation in support of the warfighters and aligning our expertise to deliver the highest quality of service. Powered by our highly skilled workforces, we provide expert consultation on network and weapons systems acqui ...

  • Modern Technology Solutions, Inc.

    Security Control Assessor

    2 weeks ago

    Modern Technology Solutions, Inc. Washington, United States

    Own Your Future. · Modern Technology Solutions, Inc. (MTSI) is seeking a **Security Control Assessor (SCA) II** to join our team. · **Why is MTSI known as a Great Place to Work?** · - ** Interesting Work**: Our co-workers support some of the most important and critical programs t ...

  • American Bureau of Shipping (ABS)

    Quality Assurance Manager

    1 week ago

    American Bureau of Shipping (ABS) Washington, United States

    At ABSG Consulting, risk analysis is our foundation. ABSG Consulting is a global professional services company with 100+ offices in 30+ countries. Our Global Government division, headquartered in Washington, DC, deploys cutting-edge technical expertise for federal agencies such a ...