Vulnerability Assessment Engineer

Nessus, ACAS, RMF, Secret clearance
Full Time
Telecommuting not available Travel not required

Job Description

General Summary

ASM Research is seeking highly motivated individuals with strong vulnerability scanning and analysis experience. Candidate will perform vulnerability scanning utilizing tools such as ACAS/Nessus, SCAP and other tools as required and provide IAVM and security compliance reporting.

Candidate will work closely with team members to define security best practices, perform manual STIG reviews, support the identification, interpretation, and remediation of vulnerabilities across a variety of applications, operating systems, and platforms.

Essential Duties and Responsibilities

  • Conducts network vulnerability scanning utilizing Nessus/ACAS and report on IAVM, Pentagon SAR, ARCYBER OPORD and TASKORDS.

  • Writes comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.

  • Engineers, implements and monitors security measures for the protection of computer systems, networks and information utilizing but not limited to DISA STIGs. Documents and implements Standard Operating Procedures (SOPs).

  • Assists in security engineering of web, database, system and network architecture.

  • Defines, maintains, and enforces security best practices. Identifies opportunities for process improvements and leads efforts implement.

  • Interpret and apply Federal and DoD laws and regulations including but not limited to DoD directives, NIST and AR publications.

  • Author system security policies & documentation from DIACAP to RMF (NIST 800-53).

Minimum Qualifications

  • Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience. Master's Degree preferred.

  • 5-10 years of experience as a Vulnerability Assessment Engineer, Cybersecurity Systems Engineer, or equivalent.

Knowledge, Skills, and Abilities

  • Must have experience developing Nessus/ACAS scan policies, reading and developing vulnerability reports.

  • Experience deploying Security Center and Nessus/ACAS scanner.

  • Understanding of FEDRAMP and system cloud migration requirements.

  • Experience reviewing audit logs utilizing SIEM tools

  • Experience utilizing HBSS MacAfee ePolicy Orchestrator

  • Understanding of encryption, hashing, secure random number generation, key derivation, digital signatures, etc.

  • Advanced knowledge of network based, system level and application layer attacks and mitigation methods, and TCP/IP, HTTP/S, and related protocols.

  • Have working experience and knowledge of Unix/Linux operating system.

  • Knowledge of web application vulnerabilities such as cross-site scripting (XSS), sessions hijacking, SQL injection, CSRF (Cross-Site Request Forgery), OWASP Top 10, and other attack vectors.

Certifications/Licensures: TCNA, Security +, CAP, CASP, CISSP

Posted By

ASM Research

Dice Id : 10238000
Position Id : 20161215-682
Have a Job? Post it

Similar Positions

Sr Analyst, Info Security
  • General Dynamics Information Technology
  • Newington, VA
Cyber Security Specialist
  • LinTech Global Inc.
  • Fort Belvoir, VA
McAfee Security Product Specialist
  • Meridian Technologies, Inc.
  • Vienna, VA
Cyber-Security Engineer
  • Kreative Technologies
  • Falls Church, VA
Information Assurance Analyst , Mid-Level
  • MAXIMUS, Inc.
  • Falls Church, VA
Information Assurance Security Engineer III
  • ApplyLogic Consulting Group, LLC
  • Arlington, VA
Security Assessment and Authorization Specialist
  • Medical Science & Computing, Inc.
  • Bethesda, MD
Cybersecurity Specialist - 15421
  • Camber Corporation
  • Washington, DC
Sr Information Systems Security Engineer
  • Axxum Technologies LLC
  • Washington, DC
Cybersecurity Engineer
  • Multivision, Inc.
  • Washington, DC
Information Security Analyst
  • Open Analytics
  • Reston, VA
Information Security Engineer
  • Ampcus Inc
  • Reston, VA
Cyber Security Analyst
  • Marathon TS Inc
  • Arlington, VA
Cyber Security Threat Analyst
  • Chenega Corporation
  • Vienna, VA