Vulnerability Assessment Analysts

Washington, DC

Full Time Senior-level / Expert Clearance required

Job Description:

XOR Security is currently seeking talented, experienced Vulnerability Assessment Analysts for an exciting position supporting one of our premier clients. Our project is aimed at establishing cutting-edge techniques for network defense, identifying threats and detecting malicious activity using advanced toolsets.  The ideal candidate will have experience with Vulnerability Assessment/Analysis, Security Controls Assessment, Continuous Monitoring, Continuous Authorization, and FedRAMP assessments and will keep up to date on emerging trends in the cyber security field. 

Location:

Washington D.C., USA 

Skills and Qualifications:

Required Qualifications:

  • An industry certification such as CASP, CAP, CISSP, CISM, GSEC, GMON, Security+
  • 7 years of experience in Information Assurance
  • Bachelor’s Degree in Computer Science, Computer Engineering, Information Systems or equivalent experience. 
  • In-depth understanding and hands-on experience with Qualys, to include scanning with Security Technical Information Guides (STIG) and CIS benchmarks
  • MS Excel pivot tables

Job Duties:

  • Leverage enterprise scanning applications or tools approved by the government to complete this task. The vulnerability management support will require the Contractor to provide routine and ad-hoc automated vulnerability scans, scans in support of audits, scan result analysis, and validation scans of remediated vulnerabilities identified during Vulnerability Assessment & Penetration Testing engagements.
  • Support vulnerability scans of information systems that are on-premises and hybrid cloud systems as necessary
  • Support scanning and testing at the application and database level and shall refine and mature scanning metrics and thresholds to positively affect program maturity
  • Work with system owners, system administrators and ISSOs to define the scope, develop a test plan, and rules of engagement as necessary
  • Analyze weekly DHS Cyber Hygiene reports, facilitate remediation of findings therein, and promote comprehensive scanning coverage of all Internet- reachable IT assets
  • Identify corrective actions, compensating controls, and assist with POA&M development in CSAM
  • Identify mitigations for non-compliance, notify stakeholders of compliance issues and, where required, perform these mitigations
  • Take into account any infrastructure challenges and make recommendations for improvements where needed. This includes third party service provider hosted Software as a Service (SaaS), Platform as a Service (PaaS) instances as well as Infrastructure as a Service (IaaS)
  • Provide expertise in the review of new vulnerability technologies and capabilities and shall interact with other technology divisions to facilitate deployment

 Closing Statement:

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and PUBLIC TRUST CLEARANCE REQUIRED.

 

Tags: Audits C CASP+ CISM CISSP Clearance Clearance Required Cloud Compliance Computer Science FedRAMP GSEC IaaS Monitoring PaaS Pentesting Qualys SaaS Vulnerabilities Vulnerability management Vulnerability scans

Perks/benefits: 401(k) matching Health care

Region: North America
Country: United States
Job stats:  0  0  0
Category: Analyst Jobs
  • Share this job via
  • or

Other jobs like this

Explore more Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.