Cybersecurity Vulnerability Management Specialist - Vienna, United States - AAC Inc

AAC Inc

Verified Company

Vienna, United States

3 weeks ago

Posted by:

Mark Lane

beBee recruiter

Description

Coordinates communication of vulnerabilities and then validates and tracks remediation.

Provides guidance, assistance, and coordination to systems developers and administrators to ensure the proper and timely implementation of information systems security standards and vulnerability remediation for systems under development and deployed production systems.

Conducts security controls assessments for new and existing systems and networks. Recommends new or revised security measures and countermeasures for current security challenges.

Develops standard operating procedures and/or user guides that provide detailed instructions for implementing information systems security controls.

Creates and maintains as-built system documentation, architecture diagrams, and online collaborative documentation such as a Wiki page, as they relate to the vulnerability management program.

Determines security modes of operation and the need for new or updated guidelines based on policy and technology changes.

Monitors, evaluates, and reports on the status and condition of information systems security programs, controls, and implementation throughout the enterprise, and directing corrective actions to eliminate or reduce risks.

This requires in-depth analysis of systems development plans to ensure that security requirements and specifications are adequately defined and that security features are sufficiently rigorous to protect systems throughout the system's life cycle.

Responds to systems and network security incidents, e.g., system compromise, loss of confidentiality, authentication problems, etc. Analyzes incident reports, interviews end-users and system owners as needed, isolates potential sources, and recommends solutions to the supervisor. Remediates security vulnerabilities in response to security incident reports, identifies and isolates problem sources and corrects problems as necessary. Evaluates new and improved security technologies and recommends adoption of new technologies.

Required Experience

Requires bachelor's degree in computer science, cyber security, engineering, or a related technical field plus 7 years of related experience with 5 years being in system/network administration and systems security administration. Additional experience can be substituted for a degree.
Requires knowledge of information systems security principles and methods, the requirements for certification and accreditation of systems testing and evaluation, and performance management methods.
Must have knowledge of test and assessment methods to evaluate security authentication technologies.
Must have knowledge of network operations and protocols, and development life cycle management.
Must have current/recent handson experience administering and operating an enterprise implementation of Tenable Security Center
Must have handson experience with running scans, validating findings, generating and disseminating reports, and facilitating remediation.
Experience with Incident Response.
Demonstrated ability to effectively communicate orally and in writing.
Experience supporting a nationwide mid to large Federal agency enterprise is a plus.
CISSP certification required.
Must be able to obtain Level 2 Secret (ANACI) clearance.