Specialist Vulnerability Management 22083

Job Title: Specialist Vulnerability Management

Job Code: 22083

Job Location: Palm Bay FL

Job Schedule: 9/80 REG

Job Description:

Executes security scanning and remediation operations under the guidance of the Vulnerability Management Lead on assigned governmentauthorized systems. Will be responsible for performing compulsory scans of assigned information systems including vulnerability network detection and mapping and controlled interfaces. The candidate must be knowledgeable on a variety of vulnerability assessment tools including Rapid 7 Nexpose NMAP and Nipper or similar security tools. Additionally the candidate must be able to create and interpret scan reports and recommend prioritized remediation plans. Ability to script and develop parsing tools preferred such as BASH Python and/or PowerShell scripts etc. Other responsibilities include may include: authoring and maintaining documentation supporting the Assessment & Authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF) under the ICD503 JSIG and NISPOM; performing security control assessments as part of the systems Continuous Monitoring Plan; overseeing configuration management of assigned systems; working with various stakeholders within the organization to develop device and system hardening guides following DISA and NIST guidelines; auditing systems to ensure security posture integrity; conduct periodic hardware/software inventory assessments; identifying system security controls shortcomings and developing POA&Ms; remediating control deficiencies; conducting documenting and reporting annual selfassessments; maintaining operational information security posture for a system program or enclave; assist with investigating security incidents such as data spills data integrity infractions and malicious events; authoring and delivering security education and training to a range of audiences as needed.

Essential Functions:

Configure scan engines for vulnerability network detection and mapping and controlled interface scans
Execute scans generate reports interpret results and recommend remediation plans
Provide any requested Assessment & Authorization (A&A) documentation of assigned systems as applicable
Execute Continuous Monitoring Plans
Interface with system managers and Information Technology (IT) personnel to track and resolve identified vulnerabilities
Create maintain and update documentation
Develop new concepts or standards which make significant and impactful improvements to processes systems solutions or products

Qualifications:

Bachelors Degree and minimum 4 years of prior relevant experience. Graduate Degree and a minimum of 2 years of prior related experience. In lieu of a degree minimum of 8 years of prior related experience.
Active Top Secret security clearance with SCI. Current counterintelligence (CI) polygraph investigation or willingness to submit to a CI polygraph. Willingness to submit to a Full Scope Polygraph.
Security CE or equivalent certification within 6 months of hire.

Preferred Additional Skills:

Minimum 4 years of prior relevant experience to include experience with networking equipment; experience running vulnerability scans administration of virtual machines and interpreting results (e.g. Nessus Assured Compliance Assessment Solution ACAS Rapid7 Nexpose NMAP etc.
Experience as an ISSO managing cybersecurity on classified systems under multiple agencies JSIG NISPOM Ch8 ICD 503 and/or NIST 80053 implementations.
Experience with project management tools such as Jira and Confluence.
Experience developing managing and providing evidence to close POA&Ms associated with the A&A and project management processes.
Experience with diverse workstation and server operating systems including but not limited to Microsoft and Linux.
Flexibility to adjust to changing requirements schedules and priorities.
Able to socialize ideas make recommendations and gain team consensus.
Excellent time management and task prioritization skills.
Certified Information System Security Professional (ISC2 CISSP) or equivalent certification.
Exceptional verbal written interpersonal and presentation skills customer relationship building skills analytical skills
Ability work in a team environment.
Ability to script and develop parsing tools such as BASH script Python PowerShell script etc.

#LIFS1