Vulnerability Research Analyst

Overview

On Site
Depends on Experience
Full Time

Skills

POA & M
NESSUS
RHEL
VMware vSphere
MSSQL
Centos Operating System

Job Details

Who we are:

 

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

 

The perks:

 

As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.

 

Who we’re looking for:

 

We are seeking a Vulnerability Assessment Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Vulnerability Assessment Engineer will perform comprehensive assessments that produces actionable security recommendations that are tailored to the assessed environment, to include vulnerability assessment and vulnerability management. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.

 

What you’ll be doing:

 

  • Work closely with target organizations to ensure full comprehension of the standard security controls; conduct site visits as required
  • Assist with security controls compliance assessments using established matrixes of tailored control and provide expert support in assessments of target organizations
  • Provide support to Vulnerability Management programs
  • Provide support to assessed organizations to ensure proper tracking of Plan of Action and Milestone (POA&M) items
  • Provide support and conduct annual reviews of the security controls (or some subset of the security controls) to ensure continued compliance as requested
  • Assist with establishing footholds on endpoints within monitored organizations networks to provide day-to-day visibility into the security posture
  • Provide expert support for the development and maintenance of develop of processes and best-practices for evaluating A&A data through a standard scorecard
  • Utilize industry standard tools for automating the review of system configuration and security control compliance
  • Conduct periodic NIST controls assessments in support of network authorization and continuous monitoring
  • Provide detailed observations from controls assessments in the form of Security Assessment Report (SAR) and Risk Assessment Report (RAR) documents
  • Employ a scan-patch-scan methodology to ensure all systems identify and receive appropriate security patches
  • Conduct vulnerability scanning using industry standard tools (e.g., Tenable Nessus) on a weekly to bi-weekly basis
  • Report scan result data to appropriate system administrators to aid in the deployment of system updates and patches
  • Develop a mitigation plan detailing a prioritized timeline for patch deployment (e.g., 30-60-90-day patch deadlines based on each finding’s severity level)
  • Conduct false positive analysis and vulnerability analysis to determine the legitimacy of all detected vulnerabilities as well as prioritize their remediation
  • Configure the identified application to effectively ingest, process, and report vulnerability data collected during assessments as well as data provided from organizations’ self-assessments
  • Conduct long term trend analysis, identifying improvements or degradations in system security posture across the enterprise
  • Provide dashboard views of data roll-ups from all facets of assessed systems (e.g., risk, vulnerability data, POA&M status) to present high-level executive summary reports to government leadership

 

What you need to know:

 

  • Ability to conduct Vulnerability Assessments using industry tools - NESSUS, Tenable, etc. Experience with Tenable (Tenable.io or Tenable.sc) in an enterprise environment highly preferred.
  • Experience in vulnerability management strategies, standards, procedures and technologies across infrastructure and application-level vulnerabilities.
  • Experience scanning Windows, RHEL and Centos Operating Systems and troubleshooting scans, to include the ability to communicate with customers daily describing the results of scans
  • Experience scanning Virtual environments to include VMware vSphere infrastructures,
  • Network devices, Databases (Oracle, MSSQL, MySql, Postgres), and websites web with tenable.sc
  • Intermediate to advanced knowledge of the following platforms in an enterprise environment: Windows and RHEL, routing, switching, IDS, IPS, Firewalls
  • An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, application flow charting, and session analysis.

 

Must have’s:

 

  • Bachelors in Cybersecurity, Computer Science/Electrical Engineering, Engineering, or IT
  • Top Secret with SCI eligibility and ability to pass a Counterintelligence (CI) polygraph
  • Shall possess one or more of the following certifications: (ISC)2 Certified Information Security Professional (CISSP), ISACA Certified Information Systems Auditor (CISA), SANs GIAC certification (e.g., GPEN or GW APT), and EC-Council Certified Ethical Hacker (CEH)

 

Beneficial to have the following:

 

  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
  • Comprehensive knowledge in the one or more of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security
  • Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 rev 5 and the ATO process
  • Ability to research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits

 

Where it’s done:

 

  • Washington, D.C