Job Title: Cybersecurity Vulnerability Analyst Engineer (Remote)

Location: Washington, DC

Duration: 12 Months+

Complete Description

This position is housed under the client. The resource shall design and develop security monitoring and reporting tools such as alerts, metrics and dashboards. The resource shall monitor and report on access to sensitive data and responds to data breaches accordingly. The resource shall develop and maintain security applications and configuration management solutions. The resource shall create procedures to help teams make the most out of the available infrastructure. The resource shall review projects and coordinate changes with internal and external organizations. The resource shall perform other related duties as assigned.

Responsibilities

• Conduct comprehensive vulnerability assessments using industry-standard tools, techniques, and methodologies.
• Utilize Tenable Nessus tool to perform scans, analyze results, and identify potential vulnerabilities in operating systems (setup/configure/interpret/update/maintain)
• Utilize Qualys Web Application Scanning (WAS) tool to perform scans, analyze results, and identify potential vulnerabilities in web applications (setup/configure/interpret/update/maintain)
• Utilize static code analysis tools such as SonarQube and Fortify to identify vulnerability issues with code and for proper software quality (setup/configure/interpret/update/maintain)
• Perform manual penetration testing, vulnerability validation, and exploit analysis.
• Collaborate with cross-functional teams to assess vulnerabilities, prioritize remediation efforts, and implement appropriate security controls.
• Stay up to date with the latest cybersecurity threats, vulnerabilities, and industry best practices.
• Perform detailed analysis and prepare summary reports for O&M teams for addressing critical vulnerabilities.
• Develop and maintain vulnerability assessment documentation, reports, and metrics for both internal clients and external partners (POAMs, audits, etc.)
• Participate in the development of new, and in reviews and updates of existing security-related documents for compliance (SSPs, SARs, CAPs, policies, etc.)
• Participate in incident response activities, including vulnerability-related incidents.
• Contribute to the design, build and test security technologies/architectures and systems related to client on-premises and cloud infrastructure.

Qualifications

• Minimum of 5 years of experience working in cybersecurity or a similar role
• Strong understanding of web application security, vulnerability assessment, and penetration testing methodologies for both on-premises and cloud environments
• Considerable experience in analyzing and interpreting vulnerability scanning results and providing actionable recommendations.
• Expertise and proficiency in using Tenable, Qualys and similar tools for vulnerability scanning (OS, web applications, etc.)
• Familiarity with other vulnerability assessment tools such as Burp Suite, ZAP, OpenVAS, Metasploit, etc.
• Ability to use static code analysis tools (SonarQube, Fortify, etc.) to discover, interpret and report coding and software issues.
• Solid knowledge of common web application vulnerabilities (e.g., OWASP Top 10) and the ability to mitigate them effectively.
• Must have working knowledge and understanding of NIST cybersecurity framework, CIS benchmarks, FISMA, HIPAA, and similar standards and guidelines.
• Must have knowledge and skills to administer, support and maintain security tools such as Splunk Enterprise Security/SIEM for log analysis and event correlation, McAfee ePO for endpoint protection (malware and threat prevention), McAfee DAM for database activity monitoring, etc.
• Must have capability to utilize analyze native systems and applications logs, and also to make use of log ingestion platforms for security analytics and identification of tactics, techniques and patterns of attackers.
• Must have an understanding of network security concepts, including firewalls, VPNs, IDS/IPS, MFA, and SIEM solutions.
• Must know about endpoint protection (malware, ransomware and similar threats)
• Must have an understanding of database security requirements.
• Must have an exposure to file integrity monitoring tools to detect changes to core systems.
• Must have solid knowledge of Linux OS, particularly Red Hat Enterprise Linux
• Must possess an understanding of Microsoft Windows Server OS
• Provide input on other security-related architecture, issues, and features (i.e., Firewalls, Application Proxies, WAFs, Web servers, APIs, Network Security, etc.)
• Excellent problem-solving and analytical skills
• Relevant certifications such as CEH, OSCP, or GIAC are a plus
• Demonstrate in interview(s) your abilities to perform the tasks and duties necessary as defined above in Responsibilities.

Responsibilities

• Expertise in implementing, administrating and operating information security technologies such as firewalls, IDS/IPS, SIEM, Antivirus, network traffic analyzers and malware analysis tools.
• Utilizes advanced experience with scripting and tool automation such as Perl, PowerShell, Regex.
• Develops, leads, and executes information security incident response plans.
• Develops standard and complex IT solutions & services, driven by business requirements and industry standards.
• May also leverage dynamic and static code assessment tools to measure vulnerability of applications throughout the SDLC.

Minimum Education/Certification Requirements

• BS Degree in IT, Computer Science, or Engineering, or equivalent experience
• Masters Degree in Engineering or Computer Science is HIGHLY PREFERRED

Skills

Skills

Required / Desired

Amount

Of Experience

Hands-on knowledge of vulnerability assessments and mitigations (systems/applications/code).

Required

11

Years

Professional experience implementing and monitoring security controls in accordance with FISMA (NIST 800 series), IRS 1075 and CIS guidelines.

Required

5

Years

Ability to build and monitor security compliance services on production systems.

Required

11

Years

Professional knowledge of operating systems (OS), physical servers and virtual machines.

Required

11

Years

In Depth knowledge of Security Monitoring Tools (Database Security, Application Security, Firewalls, General Network Security) Examples:

Required

5

Years

16+ yrs. implementing, administering, and operating IS tech such as firewalls, IDS/IPS, SIEM, Antivirus, net traffic analyzers, and malware analysis

Required

16

Years

16+ yrs. utilizing advanced experience with scripting and tool automation such as Perl, PowerShell, Regex

Required

16

Years

16+ yrs. developing, leading, and executing information security incident response plans

Required

16

Years

16+ yrs. developing standard and complex IT solutions & services, driven by business requirements and industry standards

Required

16

Years

BS Degree in IT, Cybersecurity, Engineering, or equivalent experience

Required

McAfee Database Security Suite (DAM), McAfee ePO, Tenable Security Center/Nessus, Trustwave App Scanner, Tripwire Enterprise, VMware vSphere/vCenter,

Highly desired

5

Years

F5 LTM/GTM, Juniper Junos, Palo Alto PAN-OS, HP Fortify, Metasploit and PRTG.

Highly desired

5

Years