Security Analyst

Position Description: The successful candidate will collaborate with other security team members and client personnel to conduct security analysis for vulnerabilities reported to the client from around the world. You will determine vulnerable products and assign a severity score to those products based on industry specifications. The security analysis data will be used by tens if not hundreds of millions of customers.  Primary Responsibilities: ·        Conduct security analysis and scoring of Common Vulnerabilities and Exposures (CVE) utilizing the Common Vulnerability Scoring System (CVSS) framework·        Create, update and maintain Security Technical Implementation Guides (STIGs) for the National Checklist Program (NCP)·        Implement the use of Security Content Automation Protocol (SCAP) for the NCP·        Serve as a point of contact for the NCP·        Develop use cases, test cases, and requirements documentation for various functional business areas·        Assist with functionality testing of internal NVD applications and the external NVD website·        Review and provide comments on official NIST documentation·        Conduct Research and Development activities for NIST    Required Qualifications: ·        5+ years of experience·        Experience with vulnerability analysis, assessments and remediation management·        Strong understanding of enterprise technologies, architectures, operations and protocols, and willingness to learn new technologies·        Understanding of industry standards such as CVE, CPE and CVSS·        Ability to articulate vulnerabilities and remediation to varied audience·        Experience with data analysis, automation and black box testing  Desired Qualifications:  ·          Security+ certification   About PingWind PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity, development, IT infrastructure, supply chain management and other professional services such as system design and continuous improvement. PingWind is a VA CVE certified Service-Disabled Veteran-Owned Small Business (SDVOSB) with offices in Washington DC and Northern Virginia. www.PingWind.com Our benefits include:Paid Federal HolidaysRobust Health & Dental Insurance Options401k with matchingPaid vacation and sick leaveContinuing education assistanceShort Term / Long Term Disability & Life InsuranceEmployee Assistance Program through Sun Life Financial EAP Guidance Resources Veterans are encouraged to apply PingWind, Inc. does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law.