We are seeking a senior Cyber/Information Technology (IT) Security Engineer to join our team. This individual will assist the Information Systems Security Officer (ISSO) in leading or conducting enterprise-level Security Engineering tasks and be part of a large program in support of the IT infrastructure including help desk, systems, network, and security services.
- We are seeking a senior Cyber/Information Technology (IT) Security Engineer with high level concentration on Vulnerability management with at least 4-5 years of Power User Tenable experience to join our team.
This individual will be working directly with Compliance team, other agency’s divisions. He/She will assist in analyzing, tracking of systems, networks, applications and their vulnerabilities by reviewing scan reports and working with the relevant parties to get the vulnerabilities remediated.
- Develop proactive Tenable Security Center processes and procedures to advance the vulnerability management program.
- Provide advice and guidance to the ISSO and other divisional security key stakeholders on how to improve IT security.
- Coordinate with technical leads in different divisions on implementation of effective vulnerability management projects that require compliance with relevant government policies or standards.
- Assist in coordination, implementation, communication, and enforcement of the IT security policies procedures, and standards.
- Advise on the development and design of methodologies to conduct business case analyses of the information security infrastructure.
- Support the analysis, investigation, and closure of audit findings from FISMA security audits, the Independent Verification & Validation (IV&V) and the Continuous Controls Assessment (CCA) engagements.
- Ability to install, maintain, troubleshoot Tenable devices
- Ability to investigate and validate vulnerability findings
- Ability to utilize other tools/methods of determining vulnerability findings
Required qualifications include:
- At least 5 years of Performing vulnerability scanning using Tenable Nessus, Tenable SecurityCenter (SC), and vulnerability analysis and reporting, to various IT groups and management.
- Strong understanding of Linux and Windows.
- Understanding Continuous Monitoring (CM) requirements.
- Expert knowledge of IT security vulnerabilities and risk assessments with the ability to explain the risks associated with them to executives, program, and technology staff.
- Ability to work with program staff, executives, and technology staff to achieve IT security goals and objectives.
- Working experience in applying FISMA, and FedRAMP processes and policies to information systems.
- Bachelor’s degree and 6+ years’ related experience (or equivalent combination of education and experience).
- Certifications: CISSP (or ability to obtain one within 6 months).
- Excellent oral communication, writing, problem-solving skills, and attention to detail.