ASM Research is seeking highly motivated individuals with strong vulnerability scanning and analysis experience. Candidate will perform vulnerability scanning utilizing tools such as ACAS/Nessus, SCAP and other tools as required and provide IAVM and security compliance reporting.
Candidate will work closely with team members to define security best practices, perform manual STIG reviews, support the identification, interpretation, and remediation of vulnerabilities across a variety of applications, operating systems, and platforms.Essential Duties and Responsibilities
- Conducts network vulnerability scanning utilizing Nessus/ACAS and report on IAVM, Pentagon SAR, ARCYBER OPORD and TASKORDS.
- Writes comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
- Engineers, implements and monitors security measures for the protection of computer systems, networks and information utilizing but not limited to DISA STIGs. Documents and implements Standard Operating Procedures (SOPs).
- Assists in security engineering of web, database, system and network architecture.
- Defines, maintains, and enforces security best practices. Identifies opportunities for process improvements and leads efforts implement.
- Interpret and apply Federal and DoD laws and regulations including but not limited to DoD directives, NIST and AR publications.
- Author system security policies & documentation from DIACAP to RMF (NIST 800-53).
Knowledge, Skills, and Abilities
- Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience. Master's Degree preferred.
- 5-10 years of experience as a Vulnerability Assessment Engineer, Cybersecurity Systems Engineer, or equivalent.
- Must have experience developing Nessus/ACAS scan policies, reading and developing vulnerability reports.
- Experience deploying Security Center and Nessus/ACAS scanner.
- Understanding of FEDRAMP and system cloud migration requirements.
- Experience reviewing audit logs utilizing SIEM tools
- Experience utilizing HBSS MacAfee ePolicy Orchestrator
- Understanding of encryption, hashing, secure random number generation, key derivation, digital signatures, etc.
- Advanced knowledge of network based, system level and application layer attacks and mitigation methods, and TCP/IP, HTTP/S, and related protocols.
- Have working experience and knowledge of Unix/Linux operating system.
- Knowledge of web application vulnerabilities such as cross-site scripting (XSS), sessions hijacking, SQL injection, CSRF (Cross-Site Request Forgery), OWASP Top 10, and other attack vectors.
TCNA, Security +, CAP, CASP, CISSP