Scanning Engineer - Tenable

Peraton is seeking a qualified Scanning Engineer to become part of Peratons Department of State (DOS) Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative effective and secure business processes.

Peratons DSCM program encompasses technical engineering data analytics cyber security management operational logistical and administrative support to aid and advise the Department of State Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks systems information and mobile devices all while identifying and responding to cyber risks and threats. Those supporting Peratons DSCM program strive to leverage their expert knowledge and propose creative solutions to realworld cybersecurity challenges.

Location: Beltsville MD. This position requires 5 days onsite.

You will have the opportunity to:

Vulnerability Scanning:

• Perform regular vulnerability scans across the Departments systems and networks identifying deviations from acceptable configurations and standards.
• Evaluate and prioritize identified vulnerabilities based on potential impact and risk and recommend remediation strategies and solutions.
• Collaborate with system owners and administrators to address identified vulnerabilities and ensure timely remediation.

Compliance Scanning:

• Execute enterprisewide operating system and application compliance verification assessing adherence to established security policies and best practices.
• Develop security baseline configuration compliance and vulnerability scan policies for Department hosterating system platforms (e.g. Windows UNIX Linux Cisco Juniper etc..
• Prepare audit reports identifying technical and procedural findings providing recommended remediation strategies and solutions.
• Perform security authorization audits using NIST Risk Management Framework (RMF) NIST Cybersecurity Framework and FISMA reporting criteria for security control testing procedures and create the associated Security Assessment Reports.

Web Application Scanning:

• Conduct web application vulnerability scanning to identify potential security risks and weaknesses in applications and services.
• Collaborate with web developers and application owners to address identified vulnerabilities and ensure the implementation of secure coding practices.
• Monitor emerging web application vulnerabilities and threats and recommend appropriate mitigation strategies.

Database Scanning:

• Perform database vulnerability scanning to identify potential security risks and weaknesses in database management systems and configurations.
• Collaborate with database administrators to address identified vulnerabilities and ensure the implementation of secure database practices.
• Monitor emerging database vulnerabilities and threats and recommend appropriate mitigation strategies.

#DSCM

#DSCM

Minimum Requirements:

• Bachelors degree in Computer Science Information Systems Cybersecurity or a related field and a minimum of 9 years of experience in enterprise scanning vulnerability management or cybersecurity. An additional 4 years of experience may be substituted in lieu of degree.
• Must have experience using Tenable software suite to perform vulnerability scanning discovery scans and baseline compliance scoring experience in running and administering Tenable.SC and/or Tenable to be able to take on architecture and tool development tasks).
  
• Possess or be able to obtain before start date one of the following certifications:
  • CASPCE CCNA Cyber ops CCNASecurity CCNPSecurity CEH CFR ISA CISSP (or Associate) Cloud CySA GCED GCIA GCIH GICSP SCYBER or VCA DCV.
• Indepth knowledge of vulnerability compliance web application and database scanning methodologies and best practices.
• Familiarity with various operating systems (Windows UNIX Linux Cisco Juniper etc..
• Strong analytical and problemsolving skills with the ability to identify and resolve complex security issues.
• Excellent communication and interpersonal skills with the ability to work collaboratively with cross functional teams.
• U.S. citizenship required.
• Active Secret security clearance.
  • Additional ability to obtain a Top Secret clearance.

Peraton is a nextgeneration national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the worlds leading mission capability integrator and transformative enterprise IT provider we deliver trusted highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land sea space air and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day our employees do the cant be done by solving the most daunting challenges facing our customers. Visit peraton to learn how were keeping people around the world safe and secure.