Vulnerability Assessment Senior Analyst

Description

Job Description:

The Leidos Vulnerability Scanning team has an immediate opening for a motivated Cybersecurity Vulnerability Engineer focused on the Assessment and Prioritization of Enterprise Vulnerabilities. In this position, you will have the ability to grow through training opportunities, conferences and collaboration with industry peers and adjacent parts of our business.  You will be challenged and provided a tremendous opportunity for growth in a highly collaborative and supportive environment.

There is so much more to a career in cybersecurity than the stereo typical images of hackers and overworked IT professionals. Our mission at Leidos is to make the world safer, healthier, and more efficient through information technology.  Come join us for a rewarding experience alongside talented cyber professionals who can help you achieve your career goals!

Primary Responsibilities

• You will perform and lead various levels of data analysis, data and metric reporting, and research on existing and emerging cyber threats, particularly those directed against Leidos' global network
• Work with other teams to plan and schedule vulnerability remediation
• Create, Document, and Improve processes
• Track vulnerability remediation activities to ensure completion in accordance with established Leidos policy
• Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner
• Mentor and guide team members with vulnerability assessments, mitigation techniques, and approaches
• Stay up to date on latest technology trends, particularly as they apply to vulnerability and risk management.

Basic Qualifications

• Bachelor's Degree in Information Security or Equivalent
• Proven experience in vulnerability management strategies, standards, procedures, and technologies across infrastructure- and application-level vulnerabilities.
• Knowledge of operating systems, systems software, and application installation and administration, and Knowledge of computer networking concepts and protocols, and network security methodologies
• Experience with the vulnerability management lifecycle
• Strong technical knowledge and experience required in areas of vulnerability assessment, risk-based analysis, and vulnerability mitigation.
• Experience with vulnerability scanning and reporting, including analysis of results to effectively prioritize remediation efforts.
• Experience working with automated and open-source vulnerability scanners such as Nessus, InsightVM, OpenVAS, Qualys, Nexpose, etc.
• Knowledge of or exposure to working with application scanning tools (SAST / DAST) vulnerability scanners such as Invicti, Acunetix, Burp, Zap, etc.
• Demonstrates excellent interpersonal, organizational and communication skills allowing them to Communicate effectively (written and oral) across all levels of the organization and can determine the appropriate forum for each method, including working directly with Product Managers, Security Engineers, and Senior Leadership

Preferred Qualifications 

• Knowledge of application development, network engineering, operating systems, and cloud environments.
• Demonstrate the ability to prioritize and manage individual workload with minimal assistance. Collaborate effectively with leadership and team members to adjust priorities based on business needs.
• 5+ years of vulnerability management engineering experience with vulnerability scanners and experience remediating issues with system owners
• 5+years of operational IT Security experience required
• 5+ years of experience analyzing data and solving problems
• Experience working in a large enterprise environment with diverse teams
• Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness
• Ability to identify systemic security issues based on the analysis of vulnerability and configuration data
• Ability to manipulate data using Excel, SQL Queries, and scripting languages such as Bash, Python, Perl, and PowerShell
• Experience performing root cause analysis of security events and incidents
• Ability to organize, manage, and maintain large-scale projects
• Drive the vulnerability assessment and management team as a leader and subject matter expert.
• Ability to understand, design, and develop vulnerability mitigation strategy, prioritize identified vulnerabilities, and manage risk associated with vulnerabilities.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

#Remote

About Leidos

Leidos is a Fortune 500® technology, engineering, and science solutions and services leader working to solve the world’s toughest challenges in the defense, intelligence, civil, and health markets. The company’s 45,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $14.4 billion for the fiscal year ended December 30, 2022.  For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected].

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Diversity

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.