Founded in 2001, Blue Canopy is an award-winning provider of business solutions in the public and commercial sectors. We're focused on delivering outcomes that matter by combining the best use of technology, process improvement, and the system of governance. Our Mission is to serve our clients and help them achieve success by combining governance, industry experience, and information technology excellence.
At Blue Canopy, innovation, collaboration, and teamwork are the driving force behind our success. We are committed to hiring, retaining, and developing best-in-class professionals because we recognize that our team is what differentiates us in the marketplace as an industry-leader. We are driven by excellence, committed to integrity, and inspired to achieve limitless possibilities.
Blue Canopy is currently seeking a FT Vulnerability Management Engineer to provide onsite support in Washington DC.
* Conduct vulnerability scans (network, operating system, database, and application)
* Analyze vulnerability scan results and report on aggregated vulnerabilities
* Identify false positives and risk acceptance candidates
* Clearly understand and communicate risks associated with vulnerabilities
* Facilitate vulnerability remediation strategies
* Conduct logical security audits and hands-on technical security evaluations
* Develop subject matter expertise in focused areas of security
What You Need to Bring to the Table:
Demonstrated 3-5 years of technical experience with the following techniques:
* Vulnerability Scanning and Analysis
* Unix/Linux (Solaris/Red Hat) and MS Windows Operating Systems
* Network Switching/Routing and TCP/IP
* Databases (e.g., MS SQL, Oracle, DB2)
* Web application vulnerability scanners (e.g., Qualys WAS, WebInspect, AppScan)
* Database vulnerability scanners (e.g., AppDetective, DbProtect)
* General purpose vulnerability scanners (e.g., QualysGuard, Nessus)
* Security configuration checklists (e.g., DISA STIGs, CIS Benchmarks)
NIST Special Publications (e.g., 800-53, 800-37)
* 3-5 years of experience in information security with specific vulnerability scanning experience
* Bachelor's degree in an IT related field or equivalent education or work experience.
* Certifications like CEH, CCNA, CCNP, GSEC and others are preferred.
* 2+ years experience and understanding of NIST 800-53, NIST 800-53A, NIST 800-30 and NIST 800-37.
* 2+ years prior experience performing security control assessments of all NIST 800-53 controls.
* Experience configuring and using technical assessment tools such as Nessus, HP WebInspect, AppDetective, BurpSuite, Wireshark, QualysGuard and Redseal.
* 2+ years of Risk Management Framework (RMF) implementation experience.
* Proficiency understanding the technical architecture of IT systems built using Windows, UNIX, Linux, IBM AIX, VMware, Citrix, Oracle and MySQL platforms.
* Strong documentation and communication (written and verbal) skills.
* Working knowledge of common network devices
* Working knowledge of Windows and Unix operating systems
* Working knowledge of common database platforms
* Self-motivated and able to work in an independent manner.
Clearance Required: Must be able to obtain "Public Trust" level clearance. (SF-85 and SF-86 submission required).
As a full-time employee of Blue Canopy, you are eligible for an attractive benefits package, which includes medical, dental, life insurance, and short-term and long-term disability insurance. Our benefits also include paid holidays, Paid-Time-Off (PTO), a company-sponsored 401(k) plan, tuition reimbursement plan, and flexible spending accounts to allow you to pay for Health, Dependent care and Commuter costs with pre-tax income.
Blue Canopy, LLC is EOE/AA/M/F/Vet/Disability
* #CB #DC