CyberData Technologies, Inc., an established technology solution provider based in Herndon, Virginia, is looking to expand its growing team. We are an industry leader in data warehousing and business intelligence for both government and commercial clients. CyberData ranked 30th Fastest Growing Federal Contractors in Washington Technology Fast 50, and is an Inc. 500 company. Our employees are our greatest asset and we are committed to their professional development and growth. We provide competitive salaries, bonuses, generous benefit packages, and paid time off to balance work and personal commitments.
We are currently seeking Vulnerability Management Analyst for our Federal client in Rockville, Maryland.
Job Location: Rockville, Maryland walking distance to Metro.
CyberData Technologies Inc. is currently hiring an experienced Vulnerability Management Analyst and Team Lead with cyber security policy assessment experience for our federal client located in Rockville, MD. The Vulnerability Management Team Lead will be tasked with leading a variety of assessment and analysis duties, including:
- Perform vulnerability assessment scans on a daily basis against:
- Host-based (various operating systems, virtual, networking components
- Web Applications (Apache, IIS, Nginx)
- Code Reviews (.NET, Java, Jscript, C++, etc.)
- Perform analysis of scan results to determine applicability on a daily basis. An ability to interpret scan results is a must (e.g., code analysis skills)
- Provide remediation guidance to system owners and stakeholders on a daily basis.
- Use expertise to provide mitigation strategies to help remediate vulnerabilities on a daily basis.
- Continually maintain the health of vulnerability scanning tools and ensure they are operating as expected on a daily basis.
- Work with vulnerability scanning tool support engineers to identify, troubleshoot, and remediate issues on a daily basis.
- Perform compliance scans against defined HRSA baselines on a weekly basis or as needed.
- Provide process improvement recommendations for day-to-day operations.
- Provide technical guidance to the Risk Management Team and other stakeholders on a daily basis.
- Provide insight on NIST 800-53 technical controls during assessments.
- Provide support to the Incident Response and Investigation Teams when called upon.
- Provide occasional training of vulnerability management tools to stakeholders.
- Write supporting documentation of vulnerability management processes and procedures.
- Work with the HRSA Risk Management team to determine risks to the system based on vulnerability results and compensating or mitigating controls in place.
- Preform tool upgrades, updates, and patches as necessary.
- Develop vulnerability reports and dashboards, in order to provide new insight into existing vulnerabilities.
- Implement various levels of automation among tools in the SOC’s cyber security ecosystem and/or the HRSA IT Infrastructure to improve the effectiveness and efficiency of vulnerability management.
- Conduct baseline configuration compliance scanning and work with system administrators to correct configuration issues to ensure compliance with agency configuration requirements.
Skills & Experience:
- Minimum of 5-8 years’ experience in Vulnerability Management.
- Position requires technical knowledge in computer network theory, IT standards and protocols, as well as an understanding of the lifecycle of cyberspace threats, attack vectors, and methods of exploitation.
- Experience with vulnerability assessment and reporting including comprehensive understanding of Vulnerability Management methodologies and procedures.
- Experience implementing, managing or governing security technologies, including vulnerability scanning tools (nmap, openssl, Nessus, BigFix, or similar vulnerability scanning tools) is required.
- Experience with network and application security testing tools and scripting languages (WebInspect, Burp Suite, NetSparker, Paros, Perl and Python)
- Operating system concepts - experience with both Windows and Linux environments.
- Static code scanning experience
- Strong technical, analytical, and interpersonal skills
- Ability to manage a small team in a team-oriented environment. Must be able to mentor, facilitate conflict resolution, keep government manager up to date, and task the team.
- Must be self-driven and work independently
- Must be performance driven, detailed, and results oriented
- Bachelor's degree in related field preferred
- Certified Ethical Hacker (CEH) desired
- Strong communication and interpersonal skills with the ability to act as a resource for providing excellent customer service in a courteous manner to a wide range of stakeholders. Must be able to work effectively with diverse groups of people at various levels within an organization. Requires strong writing skills for composing and editing a variety of documents using correct spelling, grammar, and punctuation, with the ability to pay close attention to detail and proofread work carefully.
- Strong organizational skills sufficient to prioritize the team’s work and complete assignments accurately, either independently or as part of a team, under pressure of competing deadlines and with frequent interruptions, working from own initiative and/or following direction, policies, or procedures. Independently establish priorities and coordinate and complete assignments within established timeframes.
- Ability to identify customer needs and use analytical and decision-making skills to offer options and resolve problems in a variety of contexts.
CyberData Technologies, Inc., is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.