Information Security Analyst
Primary Location: Washington DC Metro Area or Seaside, CA
Location Requirement: Hybrid (occasional on-site required)
Full time / Permanent
Clearance requirement: Top Secret
Scope of Work:
The Vulnerability Engineer will support vulnerability remediation efforts for the DMDC IT GEMS engagement. Candidates should have a strong in-depth knowledge of the Windows OS (Windows Workstation and Windows server) as well as a foundational knowledge of LINUX/UNIX OS, networking, databases, and other IT Technologies required. Working knowledge of DevSecOps functionality a plus.
Requirements:
- 8+ years of operational experience in vulnerability management or security engineering with a working knowledge of OS hardening/compliance/DISA STIGs.
- Position requires 8570 Certification (e.g. Security +, CISSP).
Desired Skills:
- Working knowledge of ACAS. Knowledge of PowerShell
- Understanding of DISA STIGs and Information Assurance Vulnerability Management (IAVM) Program
- Working knowledge of Red Hat Advanced Cluster Security for Kubernetes (StackRox) and Splunk strongly desired. Strong critical thinking, communication, and organizational skills
- Collaborates with technical and compliance teams across the organization. Experience in a hands-on leadership role
- Capable of performing trend and analysis of vulnerability scan data and preparation of weekly metrics for presentation to leadership
- Experience in Information Technology/Vulnerability Management/Cybersecurity
- Demonstrate deep technical knowledge in the management and configuration of operating systems, networks, and software including knowledge of OS authentication mechanisms, permissions, and a solid understanding of networking
- Demonstrate depth of understanding of a variety of operating system and software vulnerabilities
- Demonstrate broad security experience, which must include vulnerabilities, risks, and security mechanisms that are common in today's government systems