Title: Nessus Subject Matter Expert (SME)
Location: Austin, TX (Hybrid)
Job Summary:
We are looking for a Nessus Subject Matter Expert (SME) with specialized experience in Operational Technology (OT) security to lead vulnerability scanning, assessment, and mitigation efforts across both IT and OT environments. The ideal candidate will have hands-on expertise with Tenable Nessus and a strong background in securing SCADA networks and other OT assets.
Key Responsibilities:
- SME for Nessus and Nessus Professional/ scanning solutions in both IT and OT environments.
- Conduct vulnerability assessments on OT systems, including PLCs, RTUs, HMIs, and SCADA infrastructure, ensuring minimal operational impact.
- Configure and fine-tune scan policies for OT networks, balancing visibility with system safety and availability.
- Analyze scan results to identify vulnerabilities, misconfigurations, and compliance issues.
- Collaborate with OT engineers, IT security, and compliance teams to align scanning activities with operational safety and security objectives.
- Maintain a comprehensive inventory of OT assets and integrate vulnerability data with asset management systems when possible.
- Support segmentation, network mapping, and risk assessments for OT environments using Nessus and complementary tools.
- Develop and maintain detailed documentation on scan procedures, results, and mitigation strategies.
- Develop reporting and metrics that highlight OT-specific vulnerabilities, risk levels, and remediation progress.
- Stay informed of emerging threats, zero-days, and advisories relevant to OT (e.g., CISA ICS alerts, ISA/IEC 62443 standards).
Qualifications:
- 3 years of experience configuring/implementing Tenable Nessus for enterprises for IT/OT vulnerability assessments.
- 5 years of experience with vulnerability management lifecycle and remediation tracking.
- Nice to have: experience in OT/ICS cybersecurity, particularly in sectors such as energy or critical infrastructure.
- Experience integrating Nessus/Tenable with asset discovery and monitoring tools (e.g., Nozomi, Claroty, Dragos, SCADAfence).
- Experience with or in hybrid OT/IT environments.
- Ability to script in Python, PowerShell, or Bash for automation and data processing.
- Knowledge of ICS protocols (e.g., Modbus, DNP3, BACnet, OPC, Profinet).
- Familiarity with network segmentation, zone-based architecture, and secure remote access principles in OT.
- Strong understanding of CVEs, CVSS scoring, and vulnerability lifecycle management.
- Strong interpersonal and communication skills to interface effectively with IT, OT, and executive stakeholders.
- Ability to work in sensitive, safety-critical environments where system availability is paramount.
- Strong analytical thinking with a detail-oriented and risk-focused mindset.
Best Regards
Divya D
Talent Acquisition Specialist
4229 Lafayette Center Dr, Suite 1880, Chantilly, VA 20151