Millennium Corporation is hiring a Blue Team - Enterprise Vulnerability Scanning Analyst in Washington, DC. Candidate must have an active Top Secret Clearance with eligibility to obtain SCI/CI Poly.
In support of a premier Law Enforcement agency, we are looking to expand our industry-leading, high-impact, Blue Team. The Enterprise Vulnerability Scanning Analyst will perform the following duties:
- Monitor, analyze, and detect Cyber events and incidents within information systems and networks under general supervision.
- Assist with integrated, dynamic Cyber defense, coordinate and maintain security toolsets to support organizations’ continuous monitoring and ongoing authorization programs.
- Develop security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments; develops cloud service provider testing approach from security perspective.
- Provides validation of security control tests for cloud service provides; coordinating access to systems and approvals for scanning activities.
- Conducts ad hoc testing on an as-needed basis to assist with development activities or vulnerability remediation.
- Reviews/tests system security controls (managerial, operational, and technical) to determine adequacy against federal requirements (e.g., NIST SP 800-53) and mission context.
- Documents plans of action and milestones for corrective action following assessment activities and in response to identified vulnerabilities.
- Drafts security policies and procedures including the system security plan, and agency specific policies in accordance with NIST requirement.
- Routinely conducts risk assessments to quantify impacts of vulnerabilities.
Additional Blue Team activities that may be supported:
- Identification and Validation of Security Flaws
- Network Mapping / Network Analysis
- Vulnerability Analysis
- Pen-testing network filters and security countermeasures
- Threat Hunting
- Incident Response
- Forensic Analysis
Assist with Business Development activities as required to support Millennium's strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.
- Candidate must have an active Top Secret Clearance and be eligible to obtain SCI/CI Poly after starting.
- Bachelor's (or equivalent) with 5+ years of experience, or a Master's and 3+ years of experience.
- SPECIALIZED experience in Vulnerability Scanning and Analysis
- Candidates should be able to apply and understand a wide range of technical principles, theories and concepts.
- Shall possess one or more of the following certifications:
- (ISC)2 Certified Information Security Professional (CISSP)
- ISACA Certified Information Systems Auditor (CISA)
- SANs GIAC certification ( e.g., GPEN or GW APT)
- Offensive-Security Certified Professional (OSCP)
- EC-Council Certified Ethical Hacker (CEH)