Vulnerability Analyst - Journeyman

The role requires:
- 5 years of experience
- Secret / Tier 3
- Primary Location: Washington D.C., or Seaside, CA
- Location Requirement: Hybrid (Average - 1 day on site per week)
- Level: Journeyman

Further position details:
Candidates should have a strong in-depth knowledge of the Windows OS (Windows Workstation and Windows server) as well as a foundational knowledge of LINUX/UNIX OS, networking, databases, and other IT Technologies required. Working knowledge of DevSecOps functionality a plus.

Requirements:

• 5+ years of operational experience in vulnerability management or security engineering with a working knowledge of OS hardening/compliance/DISA STIGs.
• Position requires 8570 Certification (e.g. Security +, CISSP).

Desired Skills:

• Working knowledge of ACAS. Knowledge of PowerShell. Experience with MECM, Tanium, and MDE a plus
• Understanding of DISA STIGs and Information Assurance Vulnerability Management (IAVM) Program
• Working knowledge of Red Hat Advanced Cluster Security for Kubernetes (StackRox) and Splunk strongly desired. Strong critical thinking, communication, and organizational skills
• Collaborates with technical and compliance teams across the organization.
• Capable of performing trend and analysis of vulnerability scan data and preparation of weekly metrics for presentation to leadership
• Experience in Information Technology/Vulnerability Management/Cybersecurity
• Demonstrate deep technical knowledge in the management and configuration of operating systems, networks, and software including knowledge of OS authentication mechanisms, permissions, and a solid understanding of networking
• In-depth knowledge of network protocols, operating systems, and common vulnerabilities.
• Familiarity with security frameworks and standards (e.g., NIST, ISO 27001)

Demonstrate broad security experience, which must include vulnerabilities, risks, and security mechanisms that are common in today's government systems