Cybersecurity

Job Title: Cybersecurity Architecture & Engineering (Vulnerability Assessment)
Location: Woodlawn, MD 21207 (Onsite)
Duration: Long Term Contract

Role Description (Short):
Supports the Agency’s vulnerability and compliance scanning operations by administering scanning platforms and related security infrastructure, analyzing and assessing
vulnerability findings, supporting remediation and reporting, automating repeatable tasks, and helping maintain a stable and effective enterprise scanning capability across SSA’s environment.

Key Responsibilities:

• Administer and support the Agency’s vulnerability and compliance scanning platforms and toolsets used across the enterprise.
• Analyze, assess, and help prioritize vulnerability findings across SSA’s network and facilitate reporting of those findings to the Agency’s logging and observability infrastructure.
• Support the ongoing maintenance and improvement of vulnerability and compliance scanning technologies to maximize protection and operational effectiveness.
• Provide 3rd-tier technical support for issues related to scanning platforms, security automation, and associated infrastructure.
• Develop scripts and automated methods to improve efficiency and reduce manual effort in scanning, reporting, and platform support activities.
• Document project and technology requirements for security automation, software, and hardware solutions supporting the vulnerability and compliance scanning
• workload.
• Prepare design, installation, testing, and back-out procedures for automation, software, and hardware upgrades or patches.
• Develop and submit planned server maintenance schedules and maintenance reports related to the scanning environment.
• Prepare problem reports, root cause documentation, analysis reports, and recommendations for remediation efforts as needed.
• Document contractor activities and task status in accordance with SSA reporting requirements.
• Communicate delays, risks, and revised timelines to the SSA Work Order Manager as required.
• Coordinate with stakeholders and related security teams to support vulnerability management, scanning operations, and continuous improvement efforts.

Required Qualification:

• Bachelor’s degree in cybersecurity, information systems, computer science, engineering, or a related field.
• Experience supporting vulnerability management, compliance scanning, or security operations in an enterprise environment.
• Experience administering vulnerability and compliance scanning platforms and associated security toolsets.
• Experience analyzing vulnerability findings, assessing risk, and supporting reporting and remediation activities.
• Experience supporting security infrastructure technologies and maintaining platforms in a production environment.
• Ability to provide 3rd-tier technical support and troubleshoot issues involving scanning platforms, automation, software, and hardware.
• Experience developing scripts or automated solutions to reduce manual tasks and improve operational efficiency.
• Experience documenting technical requirements, maintenance procedures, problem reports, root cause analyses, and remediation recommendations.
• Strong analytical, troubleshooting, and problem-solving skills.
• Strong written and verbal communication skills and ability to coordinate effectively with technical staff and stakeholders.
• Ability to manage multiple tasks and deliver recurring operational reports and documentation on schedule.
• Working knowledge of Tenable Nessus, Security Center, and Splunk

Preferred Qualification:

• Experience supporting federal cybersecurity, security operations, or enterprise compliance environments.
• Familiarity with logging and observability platforms used to receive and track vulnerability findings.
• Experience with scripting languages used for automation of scanning or reporting activities.
• Experience with JIRA, Confluence, CAPRS, ServiceNow, or similar operational support and documentation tools.
• Relevant certifications such as Security+, CISSP, or vendor-specific vulnerability management certifications.