Vulnerability Scanning Engineer
Alexandria, Virginia, United States
First Information Technology Services
Designing Information Security Solutions with You in Mind.First Information Technology Services (FITS) has been providing Information Security, Cloud Computing Security, and IT consulting services since 2000. FITS consultants perform comprehensive assessments from beginning to end to produce meaningful, actionable reports that fit within an organization's comprehensive risk strategy.
FITS is seeking a Vulnerability Scanning Engineer to join our Vulnerability Analysis Team. The selected candidate will utilize various tools to perform vulnerability and compliance scans of workstations and servers in support of the client’s Continuous Monitoring effort. An understanding and experience with common cybersecurity toolsets and processes, including Assured Compliance Assessment Solution (ACAS), Tanium, Information Assurance Vulnerability Alert (IAVA) Management and Implementation, are required.
Job Description
- Ensure scheduled scans are covering 100% of intended assets and are being run successfully.
- Assess current ACAS implementations for each of the networks and recommend changes.
- Document the steps required to design the ACAS solution for each of the networks to include IP address, Fully Qualified Domain Name, and physical location of each component.
- Create reporting dashboard designs and reports for each environment that are specific to the following audiences: Leadership & Executives; Cybersecurity Staff; and System Administrators.
- Run follow-up scans to ensure that patches have been applied to the computing environment.
- Configure Tenable Security Center to scan network for rogue devices.
- Implement the Reporting Dashboard designs and use reporting tool to create reports.
- Track and report the compliance statistics of vulnerabilities on assets in ACAS, DISA Continuous Monitoring and Risk Scoring (CMRS), and Continuum portals and maintain asset management within the prescribed tools.
- Document DISA STIGs applicable to each network environment for all ACAS implementations.
Required Qualifications
- Active DoD Secret Security Clearance (Top Secret preferred)
- DoD 8570 IAT Level 2 or 3 certified
- 1-3 years’ hands-on experience with ACAS/Tenable Nessus configuration
- US Citizenship
Additional Qualifications
- Must be self-motivated and be able to work both in a team environment and independently.
- Demonstrates knowledge of networking concepts, devices (Firewalls, Routers, Switches, and Load Balancers), ports, protocols, and services.
- Has working experience with various Operating System Platforms (Windows, UNIX, and end-user) as applied to an enterprise environment.
- Ability to research and recommend resolutions to technical issues.
- Experienced in configuration, customization, operation, and troubleshooting of Operating Systems vulnerability scanning tools.
- Experienced in analyzing scan results to determine if scans were successfully completed.
- Demonstrates an understanding of network protocols (such as TCP/IP, UDP, IPSEC, routing protocols).
First Information Technology Services, Inc. believes that a well-rounded compensation package helps teams members thrive in their work and home life. FITS proudly invests in benefits for its employees, covering 100% of health, dental, and vision coverage for employees and their dependents, paid time off, holidays, matching 401(K), short/long term disability, and parental leave. FITS also provides up to $5,000 annually for professional development, including reimbursement of job-related training classes, seminars, tuition, and certification expenses.
FITS is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. FITS is committed to the principle of equal employment opportunity for all employees and to provide employees with a work environment free of discrimination and harassment. All employment decisions at FITS are based on business needs, job requirements, and individual qualifications, regardless of race, color, ethnicity, age, religion or belief, sex, sexual orientation, gender identity and/or expression, national origin, family or parental status, disability, military or veteran status, or any other status protected by the laws or regulations in the locations where we operate.
Tags: Clearance Cloud Compliance DoD DoDD 8570 Firewalls Monitoring Nessus Security Clearance Strategy TCP/IP Top Secret UNIX Vulnerabilities Windows
Perks/benefits: Career development Health care Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs