vulnerability Analyst

Send Resume

Organization: Department of Education
Location: Washington, DC
Labor Category: Computer Scientist II

Terms: Full Time Employment
Salary: Based on experience, education and certification
Clearance: Pubic Trust / Secret

Job Description

Analyst supports Independent Verification and Validation (IV&V) activities; performs vulnerability assessments and scans; performs tracking, remediation and mitigation activities through the Plan of Action and Milestones process (POA&M). The candidate will perform the following activities:

  • Analyze scan results and coordinate with Cyber Security Operations staff to assist in identifying mitigation strategies
  • Interface and coordinate with Principle Offices to work with System Owners and System ISSOs to analyze and review mitigation strategies for POAM closure; provide guidance and assist when strategies need to be enhanced
  • Conduct monthly scanning for branch owned assets, correct discovered vulnerabilities, and established mitigation strategies for vulnerabilities that cannot be corrected
  • Run monthly POAM and RAF reports out of CSAM for Department awareness
  • Perform Independent Verification and Validation activities to include:
    • Update/create entries within the current vulnerability management tool
    • Security configuration compliance verification
    • Application configuration verification
    • Vulnerability scanning/assessments
    • Network/ systems security evaluations

Required Skills and Education

  • Bachelor's Degree
  • 7 years experience
  • Superior oral and written communication skills
  • Advanced knowledge of MS Office products

Desired Skills and Certifications:

  • Experience with Nessus scanners
  • 2+ years of vulnerability management experience
  • Development of vulnerability reports and dashboards in support of client
  • CEH or similar certfication