Vulnerability Management Analyst (TS/SCI)

Fort Meade, MD

Posted: 04/10/2019 Job Number: JN -042019-10623
Title: Vulnerability Management Analyst TS/SCI Clearance Required
Location: Fort Meade, MD
Type: Direct Hire
Salary: $115k - $125k/yr

SRG is hiring a Vulnerability Management Analyst to join a DoD contactor as a direct hire. This position will support the analysis of software/hardware vulnerabilities and the impact those vulnerabilities will have to DOD systems. The Analyst will determine priority level for vulnerability fix actions and contribute to the mitigation strategies that can be implemented prior to the release of a vendor fix action.

Responsibilities
  • Establish communications with vendors for the release of newly identified vulnerabilities and to ensure they understand the specialized requirements of DOD information systems.
  • Leverage a specialized understanding of vendor products and fix actions to develop mitigations orders for the identified vulnerabilities.
  • Compile daily, weekly and annual vulnerability metrics associated with affected and non-affected DOD products.
  • Utilize tracking tools to upload information for DOD component consumption and vulnerability compliance tracking.
  • Create situational awareness products to provide DOD components with detailed information related to vulnerabilities and appropriate mitigation strategies.
  • Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities.
  • Prioritize identified vulnerabilities based upon severity, potential operational impact, and other factors for DOD.
  • Conduct open source research to identify and analyze known and unknown vulnerabilities.
  • Provide notification of potential threats by tracking vulnerabilities and exploits, propagation of worms and viruses as they migrate throughout DOD and globally.
  • Develop, document, and convey IAVM operational requirements to enhance capabilities to identify, track, and remediate system and network vulnerabilities as well as for a real-time patch management capability.
  • Monitor the progress of internal and external organizations to ensure IAVM operational requirements are fulfilled for Government review.

Required Experience/Qualifications
  • Understand the lifecycle of the network threats, attack vectors and methods of exploitation.
  • Previous tools experience working with ArcSight, Splunk, PCAP, JIMS or equivalent toolsets.
  • Technical understanding in some of the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication installation, or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection)
  • Experience in an Operations Center providing Senior Leaders specified reports based on information received from supporting units.
  • Have working knowledge of threat and vulnerability analysis, routing protocols, routing, intrusion detection systems, intrusion protection systems, Domain Name Service, or network traffic analysis.

Preferred Experience/Qualifications
  • Currently possess DoD 8570 IAT Level II certification (Security+ or equivalent).
  • ITIL v3 Foundation certified.
SRG Government Services (SRG) is a leading provider of information technology, training, engineering, accounting and intelligence analytical services for agencies in the intelligence, defense, homeland security, cyber security, and federal civilian markets. SRG utilizes an innovative approach to identify and qualify talent that is unique to the federal contracting industry, featuring a cutting edge platform that allows us to rapidly and precisely match professionals to client requirements. We have a proprietary database of over one million candidates and maintain continuous contact with our qualified talent.


EOE/ADA
#clearance
Apply Online

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.