Previous Job
Vulnerability Analyst III
Ref No.: 18-02457
Location: Washington, District of Columbia
Start Date: 03/20/2018
Bachelor's Degree in Business, Computer Science or Engineering with seven (7) years of experience relevant to solution implementation consulting or ten (10) years related experience relevant to solution implementation consulting.
Job Description:
Required Skills:
·         Network Security and Information Security policies
·         GCIH, CEH or similar industry certification
Preferred Skills:
Experience with log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, VPN technologies and encryptions standards
·         Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
·         Operate and maintain a suite of vulnerability scanning tools, including Retina, Nessus, DBProtect, WebInspect and IP360.
·         Help research, analyze, design, test, and implement new or vendor-supplied security software solutions.
·         Provide up- to-date documentation and procedures on security software product administration.
·         Analyze scan results, prioritize, identify solutions and make recommendations based on the analysis
·         Examine data from multiple disparate sources with the goal of providing new insight.
·         Design and implement custom algorithms, flow processes for data sets used for modeling, data mining, and research purposes.
·         Perform penetration tests, identify exposure and risks, and recommend appropriate security solutions.
·         Make recommendations regarding the selection of cost-effective compensating security controls based on NIST 800-37 to mitigate risk
·         Stay up to date with current vulnerabilities, attacks, and countermeasures
·         Develop follow-up action plans to resolve reportable issues, and communicate with the other technologists to address security threats and vulnerabilities
·         Regularly develop new use cases for automation and tuning of security tools
Contribute to security strategy and security posture by identifying security gaps, evaluate and implement enhancements