Senior Vulnerability Management Engineer

The role requires:
- 8 years of experience
- Top Secret / Tier 5
- Primary Location: Washington D.C., or Seaside, CA
- Location Requirement: Hybrid (occasional on-site required)

Further position details:
The Vulnerability Engineer will support vulnerability remediation efforts. Candidates should have a strong in-depth knowledge of the Windows OS (Windows Workstation and Windows server) as well as a foundational knowledge of LINUX/UNIX OS, networking, databases, and other IT Technologies required. Working knowledge of DevSecOps functionality a plus.

Requirements:

• 5-8+ years of operational experience in vulnerability management or security engineering with a working knowledge of OS hardening/compliance/DISA STIGs.
• Position requires 8570 Certification (e.g. Security +, CISSP).

Desired Skills:

• Working knowledge of ACAS. Knowledge of PowerShell
• Understanding of DISA STIGs and Information Assurance Vulnerability Management (IAVM) Program
• Working knowledge of Red Hat Advanced Cluster Security for Kubernetes (StackRox) and Splunk strongly desired. Strong critical thinking, communication, and organizational skills
• Collaborates with technical and compliance teams across the organization. Experience in a hands-on leadership role
• Capable of performing trend and analysis of vulnerability scan data and preparation of weekly metrics for presentation to leadership
• Experience in Information Technology/Vulnerability Management/Cybersecurity
• Demonstrate deep technical knowledge in the management and configuration of operating systems, networks, and software including knowledge of OS authentication mechanisms, permissions, and a solid understanding of networking
• Demonstrate depth of understanding of a variety of operating system and software vulnerabilities

Demonstrate broad security experience, which must include vulnerabilities, risks, and security mechanisms that are common in today's government systems.