TITLE: Cybersecurity Vulnerability Analyst
Onsite:: Radford
Multiyear contract
USC and Active Secret clearance required
Position: The Cybersecurity Analyst will play a key role in ensuring systems meet compliance and security standards. This role involves conducting in-depth analysis of vulnerability scan data, security configuration compliance reports and system design documentation to assess and report on overall system compliance.
TASKS:
- Analyze Assured Compliance Assessment Solution (ACAS) and Security Technical Implementation Guidelines (STIG) scan results to ensure compliance with security policies and guidelines.
- Prepare detailed reports of scan results, including findings, impacts, and recommended remediation actions for customers and internal stakeholders.
- Maintain accurate and up-to-date records of vulnerabilities and their remediation status.
- Work directly with other teams and customers to discuss scan results and develop effective remediation plans.
- Provide clear and concise communication regarding security findings and their potential impact on systems.
- Collaborate with internal IT and security teams a well as customers to implement remediation plans.
- Track and verify the completion of remediation actions to ensure vulnerabilities are addressed.
- Stay current with the latest cybersecurity threats, vulnerabilities, and best practices.
- Contribute to the development and enhancement of scanning and reporting processes.
MUST HAVES:
- Proficiency with ACAS, AESS, and STIG tools and methodologies.
- Strong understanding of vulnerability assessment, risk management, and security compliance.
- Familiarity with networking protocols, operating systems, and security frameworks.
- Ability to interpret scan results and identify key security issues.
- Strong problem-solving skills to develop effective remediation strategies.
- Excellent verbal and written communication skills.
- Ability to effectively communicate technical information to both technical and non-technical stakeholders.
- Strong interpersonal skills to interface with customers and coordinate remediation efforts.
- Attention to detail and ability to maintain accurate documentation.
- Effective time management and prioritization skills.
- Security+ or equivalent DoD 8570.01-M IA Tech Level II certification.
- Must have (or obtain within 6 months of hire) a computing environment certification as defined in DoD 8570.01-M, such as an automation or DevOps industry certification.
- Active Secret clearance required