Fed: Sr Security Vulnerability & Incident Analyst (Qualys, SIEM, Nessus, Testing) Telework

Job Description

Company: JPI Technology LLC

Location: Merrifield, US

Hello,

(Only w2 OR 1099 no c2c and must have Active Interim / Secret /TS clearance)

Please note this position is with Fed Agency and required Active Interim / Secret or TS or Interim clearance.

Must be able to work on w2 due to the clearance requirement.

Location: Merrifield, VA

Work schedule & hours: Position is currently 100% telework / Remote- 8hrs/day, shift starts from 8am OR 9am.

Telework with an exception of client visit for emergency meeting or on-site incident

Clearance: Must have interim / Active Secret or TS.

Qualifications
• Master’s degree in Cybersecurity, Information Security, or a related field with 8 years in Cybersecurity or 14 years in IT, 10 years in IT Security.
• 4+ years of experience in information technologies, especially information security, such as security operations and incident response, regulatory compliance or audit, vulnerability management, security engineering or similar experience
• 4+ years of experience with vulnerability management technology, process, and programs
• Experience with vulnerability management and Testing tools, such as Tenable, Wiz, Qualys Rapid7, OWASP 10, Kali etc. (Required)
• Experience with analyzing output from vulnerability management tools and security penetration tests for the purposes of prioritizing remediation efforts
• Familiarity with security standards and frameworks such as: NIST, PCI DSS, ISO, etc. (Required)
• Demonstrated leadership, interpersonal and verbal communication skills
• Demonstrated written communication skills
• Expert knowledge of cybersecurity Vulnerability Management techniques, as applied to cloud, data, applications, platforms, operating systems and networks
• A strong working understanding of cybersecurity architectural principles
Ability to understand technically challenging Common Vulnerability and Exposure (CVE) information and determine importance.
Experience with SIEM tools Information system security, cyber security, computer forensics, insider threat,
information certification & accreditation regulations, Federal standards, industry best practices and guidelines.
Experience using SIEM tools like SourceFire, Splunk, NetWitness, Guidance Software, Digital Guardian,
Raytheon (SureView), NMAP, Metasploit, Request Tracker, Nagios, Intelliview, Nessus and Foundstone.

Responsibilities
• The Senior Vulnerability Analyst is a key member of the Vulnerability Management team and works with internal and external groups to identify and drive remediation of information security risks
• The ideal candidate will have prior experience analyzing vulnerabilities to determine applicability and impact, reporting vulnerability and risk information to senior leadership, and leading prioritization and remediation strategies in an enterprise environment
• Maintain awareness of critical vulnerabilities and emerging threats that may impact the client.
• (Tenable/Nessus, Security Center, Qualys, Wiz, ServiceNow and RBVM for vulnerability management.)
• Serve as a Vulnerability Management Subject Matter Expert (SME) assisting operational teams in understanding criticality of detected vulnerabilities, as well as providing remediation guidance
• Assist with cybersecurity risk assessments, IT audits and/or vulnerability assessments

Application Question(s):
• Please note if you must have Bachelors degree at minimum or 16 years in IT including 5 years in Vulnerability and 10years in Security.
• you must have minimum of an Active Interim / secret clearance.

Education:
• Bachelor’s (Required)

Security clearance:
• Secret (Required)

Work Location: 100% Telework for occasional client visit upon client request

Source: LinkedIn