This role will support vulnerability remediation efforts. Candidates should have a strong in-depth knowledge of the Windows OS (Windows workstation and Windows server) as well as a foundational knowledge of LINUX/UNIX OS, networking, databases, and other IT Technologies required. Working knowledge of DevSecOps functionality a plus.
Requirements
- Working knowledge of ACAS. Knowledge of PowerShell
- Understanding of DISA STIGs and Information Assurance Vulnerability Management (IAVM) Program
- Working knowledge of Red Hat Advanced Cluster Security for Kubernetes (StackRox) and Splunk strongly desired. Strong critical thinking, communication, and organizational skills
- Collaborates with technical and compliance teams across the organization. Experience in a hands-on leadership role
- Capable of performing trend and analysis of vulnerability scan data and preparation of weekly metrics for presentation to leadership
- Experience in Information Technology/Vulnerability Management/Cybersecurity
- Demonstrate deep technical knowledge in the management and configuration of operating systems, networks, and software including knowledge of OS authentication mechanisms, permissions, and a solid understanding of networking
- Demonstrate depth of understanding of a variety of operating system and software vulnerabilities
- Demonstrate broad security experience, which must include vulnerabilities, risks, and security mechanisms that are common in today's government systems
Non-Negotiable Requirements:
- Minimum 8+ years of operational experience in vulnerability management or security engineering with a working knowledge of OS hardening/compliance/DISA STIGs.
- Bachelors degree
- Must be located in DC Metro area
REQUIRED CLEARANCE:
REQUIRED CERTIFICATIONS:
- Position requires 8570 IAT II certification (e.g. Security+, CISSP)
Technical Environment:
Windows 10 or Windows 11 operating systems; Microsoft 365 Office suite of applications Oracle, UNIX/Linux, test scripts