Vulnerability Scanning Engineer

First Information Technology Services (FITS) has been providing Information Security, Cloud Computing Security, and IT consulting services since 2000. FITS consultants perform comprehensive assessments from beginning to end to produce meaningful, actionable reports that fit within an organization's comprehensive risk strategy.  

FITS is seeking a Vulnerability Scanning Engineer to join our Vulnerability Analysis Team. The selected candidate will utilize various tools to perform vulnerability and compliance scans of workstations and servers in support of the client’s Continuous Monitoring effort. An understanding and experience with common cybersecurity toolsets and processes, including Assured Compliance Assessment Solution (ACAS), Tanium, Information Assurance Vulnerability Alert (IAVA) Management and Implementation, are required.

Job Description

• Ensure scheduled scans are covering 100% of intended assets and are being run successfully.
• Assess current ACAS implementations for each of the networks and recommend changes.
• Document the steps required to design the ACAS solution for each of the networks to include IP address, Fully Qualified Domain Name, and physical location of each component.
• Create reporting dashboard designs and reports for each environment that are specific to the following audiences: Leadership & Executives; Cybersecurity Staff; and System Administrators.
• Run follow-up scans to ensure that patches have been applied to the computing environment.
• Configure Tenable Security Center to scan network for rogue devices. 
• Implement the Reporting Dashboard designs and use reporting tool to create reports.
• Track and report the compliance statistics of vulnerabilities on assets in ACAS, DISA Continuous Monitoring and Risk Scoring (CMRS), and Continuum portals and maintain asset management within the prescribed tools.
• Document DISA STIGs applicable to each network environment for all ACAS implementations.

Required Qualifications

• Active DoD Secret Security Clearance (Top Secret preferred)
• DoD 8570 IAT Level 2 or 3 certified
• 1-3 years’ hands-on experience with ACAS/Tenable Nessus configuration 
• US Citizenship

Additional Qualifications

• Must be self-motivated and be able to work both in a team environment and independently.
• Demonstrates knowledge of networking concepts, devices (Firewalls, Routers, Switches, and Load Balancers), ports, protocols, and services.
• Has working experience with various Operating System Platforms (Windows, UNIX, and end-user) as applied to an enterprise environment.
• Ability to research and recommend resolutions to technical issues.
• Experienced in configuration, customization, operation, and troubleshooting of Operating Systems vulnerability scanning tools.
• Experienced in analyzing scan results to determine if scans were successfully completed.
• Demonstrates an understanding of network protocols (such as TCP/IP, UDP, IPSEC, routing protocols).

First Information Technology Services, Inc. believes that a well-rounded compensation package helps teams members thrive in their work and home life. FITS proudly invests in benefits for its employees, covering 100% of health, dental, and vision coverage for employees and their dependents, paid time off, holidays, matching 401(K), short/long term disability, and parental leave. FITS also provides up to $5,000 annually for professional development, including reimbursement of job-related training classes, seminars, tuition, and certification expenses. 

FITS is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. FITS is committed to the principle of equal employment opportunity for all employees and to provide employees with a work environment free of discrimination and harassment. All employment decisions at FITS are based on business needs, job requirements, and individual qualifications, regardless of race, color, ethnicity, age, religion or belief, sex, sexual orientation, gender identity and/or expression, national origin, family or parental status, disability, military or veteran status, or any other status protected by the laws or regulations in the locations where we operate.