Previous Job
Previous
RiskVision Security Engineer II - Contract in Marietta, GA
Ref No.: 18-03462
Location: Marietta, Georgia
Position Type:Right to Hire
Job Description: Job Title: Vulnerability Analyst Engineer
Marietta, GA
6 Months with option of extending or converting to full time
EFTPS: Greencard and US Citizens only due to Govt Work

Candidates must have RiskVision knowledge, either Operational/Use of RiskVision and/or Administrative/Configuration—Set up of RiskVision/Configuration of Views, connections, workflows, etc.

Job Description
The Vulnerability Management Analyst/Engineer will lead high priority projects and day-to-day activities related to our Unified Vulnerability Management Program. The Vulnerability Management Analyst/Engineer is expected to deliver results while maintaining positive relationships with other IT infrastructure teams and project sponsors.

Job Specific Responsibilities
Manage monthly automated scans and analysis of enterprise-class information systems, to include discovery scans, compliance scans, and vulnerability scans
• Managing projects to improve the Unified Vulnerability Management Program
• Reporting on compliance to vulnerability remediation policy
• Subject Matter Expert for our primary network-based vulnerability scanner
• Vulnerability research, review, and escalation
• Processing exception and dispute requests
• Identifying and mitigating detection and reporting gaps
• Tracking and reporting test results
• Responding to audit requests

Candidate Requirements
• 10 years of Information Security
• 5 years working directly with vulnerability and/or patch management
• Possesses a strong understanding of vulnerability management concepts such as exposure, severity, criticality, risk, and threat
• Possesses an understanding of how vulnerabilities are exploited
• Possesses an understanding of SCAP, CVE, CVSS, CPE, CCE and OVAL
• Demonstrates a firm grasp of the concepts of risk management and mitigation
• Possesses detailed understanding of various operating systems and common applications as they relate to vulnerabilities
• Possesses an understanding of virtual server and cloud environments
• Possesses a strong understanding of baseline scanning and compliance reporting
• Possesses an understanding of enterprise technology infrastructure, application development & maintenance, software testing, and IT architecture
Possesses experience using a variety of vulnerability scanners and managing remediation efforts

Preferred Qualifications CISSP, CEH, CISM
Interview Required: Yes