G269ISSE1 - Vulnerability Assessment Analyst - Cleared
NiSUS Technologies Corporation
Annapolis Junction, maryland
Job Details
Full-time
Full Job Description
- Maintain and optimize the Tenable Security Center infrastructure.
- Conduct regular security patching, assessments and scans on Linux Security Center servers using Tenable Nessus.
- Mitigate STIGS/Vulnerabilities on Tenable Linux Security Center Servers and Windows/Linux Nessus Scanning Servers.
- Install and update Tenable Nessus Software on Linux/Windows Scanning Servers.
- Install and update Tenable Security Center Software on Linux Servers.
- Configure and fine-tune scanning policies and asset lists to ensure thorough vulnerability coverage.
- Keep abreast of the latest Tenable Security Center features and updates.
- Perform regular vulnerability assessments of multiple device types and Operating Systems using Tenable Security Center.
- Utilize Nessus Scanning Tool to identify vulnerabilities across customer assets on a Continuous Monitoring basis.
- Review Nessus/ACAS scan results and provide direction where required.
- Recognizes potential, successful, and unsuccessful scan results for efficiency in reporting compromises thorough reviews and analyses of relevant event detail and summary information.
- Analyze scan results and generate comprehensive vulnerability reports.
- Monitor and track vulnerability remediation progress.
- Collaborate with other teams to ensure timely vulnerability remediation.
- Communicate effectively with stakeholders about the security posture and potential risks.
- Prepare and deliver clear and concise reports to management and stakeholders.
- Maintain accurate records of security incidents and vulnerabilities.
Requirements
TS/SCI with poly required
- 7 years of related experience and a Bachelor of Science.
- 4 additional years of experience can be substituted for a degree.
- Familiarity with STIGs, Tenable Audit files, and / or CIS Benchmarks
- Hands-on operational experience with enterprise vulnerability management and scanning solutions, such as Tenable
- Knowledge of system and application security threats and vulnerabilities
- Working knowledge of networking, Linux/Unix, Windows administration, patch deployment and system configuration
- Certified Ethical Hacker
One of the Following Certifications is Required:
- A+
- Network+
- CCNA Security
- CySA+
- GICSP
- GSEC
- Security+
- CND
- SSCP
- CASP
- CCNP Security
- CISA
- CISSP
- GCED
- GCIH
- CCSP
Desired:
- In-depth knowledge of vulnerability assessment methodologies, tools, and best practices
- Self-starter, ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finish
- Strong analytical and problem-solving abilities, with a keen attention to detail
Benefits