Abile Headquarters

  • Cyber Security/Vulnerability Analyst

    Job Locations US-VA-Lorton
    Posted Date 6 days ago(1/23/2020 1:17 PM)
    Job ID
    2019-1507
    # of Openings
    1
    Category
    Information Technology
  • Overview

    Abile Group has an exciting and challenging opportunity for a Cyber Security/Vulnerability Analyst supporting an Intelligence Community Customer. 

     

    The right candidate will possess the below skills and qualifications and be ready to handle all responsibilities independently and professionally.

    Responsibilities

    • Serves as a Cyber Security/ Vulnerability Analyst for the Security Team.
    • Conducts security patch monitoring, advanced analytics and response activities in support of the RMF team mission.
    • Conducts enterprise-level vulnerability scans to include Amazon Web Services (AWS) cloud security.
    • Performs vulnerability assessment, risk assessments, independent certification testing, security test and evaluation, penetration testing and verifies the accuracy and completeness of checklists and reports associated with the assessment and authorization process.
    • Uses industry accepted tools to assess the full scope of the vulnerability and compliance status of all classified IT software, hardware and network systems.
    • An ideal candidate will have hands-on experience in FISMA reporting, vulnerability detection and assessment, penetration testing, cloud services such as Amazon Web Services (AWS), Web Application, Vulnerability, and Compliance assessments.
    • Information System Security Engineering experience is a plus.
    • Assess large-scale reporting, analyze trends, and provide contextual reporting Security Services Manager or representative.
    • Review and analyze security tool output and vulnerability data to identify relevant vulnerabilities; monitor external threat intelligence feeds for internal relevance.
    • Work with System Owners and technical teams to prioritize and remediate identified threats and vulnerabilities.
    • Conduct vulnerability assessments, conduct troubleshooting of failed scans, and analyze vulnerability reports from enterprise assessment tools such as SCAP, Security Center, Nessus and NexPose.
    • Interface with Security Control Assessors (SCA), System Owners and System Administrators in order to coordinate and perform complex security test data analysis, and vulnerability and compliance testing on a wide range of classified IT systems.
    • Support compliance and risk management activities, recommend security controls and corrective actions to mitigate vulnerability risks.
    • Coordinate with the Program Manager to ensure vulnerability scans adhere to approved timelines in support of the Assessment and Authorization (A&A) process.

    Qualifications

    Clearance Required: Top Secret

     

    Degree and Years of Experience: Bachelor Degree in Information Technology, Cyber Security, or Computer Science Experience 4 years of experience in vulnerability assessment and penetration testing.

     

    Required Certifications:

    • Security+, CISSP, CEH, or GPEN Certification

    Required Skills:

    • Experience using vulnerability scanning tools (Nessus, Nexprose, SCAP, Security Center) and vulnerability management platforms.
    • Experience using common security testing and analysis tools (Metasploit, Kali Linux).
    • Experience with AWS cloud.
    • Understanding of cloud computing and security issues related to cloud environments.
    • Understanding of vulnerability management and security testing practices and methodologies.
    • Excellent organizational and attention to detail in tracking and reporting compliance activity and trend analysis of enterprise vulnerabilities.
    • Ability to develop follow-up action plans to resolve reportable issues and communicate with the other technologists to address security threats and vulnerabilities.
    • A working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
    • Familiarity with ICD 503, 4300A/B/C, NIST 800-53 Revision 4 and up, Risk Management Framework (RMF), Security Technical Implementation Guides (STIG's), and other compliance guidelines.
    • Attention to Detail - Is thorough when performing work.
    • Oral Communication - Shares information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
    • Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

    About Abile Group, Inc.

    Abile Group, Inc. was formed in July 2004 to partner with the Intelligence Community and their Contractors in the areas of Enterprise Analytics & Performance Management, IT & Systems Engineering and Program & Project Management. We have significant experience with the Federal Government and are an EDWOSB dedicated to our employees and clients.  We are looking for high performing employees who enjoy providing advice and guidance along with solutions development and implementation support, crafted by combining industry best practices with the clients’ subject matter experience and Abile’s breadth of expertise. 

    EEO Statement

    Abile Group, Inc. is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, veteran status, disability, or national origin.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed