Candidate will serve as a Vulnerability Management Support Analyst. The Vulnerability Management Support Analyst Group (VMSAG) is dedicated remediation-focused group for "HIGHLY" vulnerable systems. The group identifies, remediates, and tracks systems with high quantities of unresolved Information Assurance Vulnerabilities (IAV). The candidate will be part of an IA engineering group responsible for identifying systems with a high density of unresolved IAVs, that tracts and brings into compliance High Interest IAVs for the United States Army Corps of Engineers and addresses security issues caused by problematic software. The candidate will work on a list of known system and security tool configuration issues that may be contributing to the target system's non-compliance. Be responsible for remotely connecting to high vulnerability density workstations, through remote access capabilities, to remediate vulnerability findings and resolve any contributing system related issues. Work with operations staff to isolate the root causes and sources for non-compliance and assist them in implementing remedial action.
- Ensure that "highly" vulnerable systems are 0-3% of total population
- Remedy Support Group
- Interface with end users, IA Teams, and Operation Support Teams
- Utilize SCCM Client Health tool and Windows Management Interface (WMI) focused command line scripts
- SCCM Clients not reporting in 21 days
- Initial focus is countering SCCM Client Health issues
- Analyze vulnerability assessment data to identify technical risks to the organization
- Conduct analysis and aggregation of vulnerability data from various sources
- Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function.
BS degree and 2 - 4 years of prior relevant experience or Masters with less than 2 years of prior relevant experience. Experience in enterprise programming languages and common scripting languages are a plus. Understanding of Windows-based operating systems and the patching process is required.
• Familiarity with ACAS reporting and Nessus scan data
• Scripting experience/knowledge (bash, PowerShell, VB, etc.)
• Basic understanding of network protocols
• Good Analytical skill set (Root Cause Analysis, analyzing scan data)
• Knowledge of Incident Response procedures, forensics
• Knowledge of how to create or apply GPOs (either local or domain)
• Know different Microsoft patching processes and how they work
• Operating System knowledge and/or certifications
• Industry recognized certification in security (Sec+ and/or CISSP)
Bachelor's degree in Computer Science or related discipline, or equivalent combination of education and experience in information security in a large, highly-regulated enterprise.
• Prior experience supporting/working with the U.S. Army Corps of Engineers
• Experience with DISA STIGs
• Experience with USCybercom IAVM program
• Experience with IonIA reporting
• Experience running and managing vulnerability assessment tools
• Excellent verbal and writing skills and the ability to write clear and concise assessment reports.
• Be able to execute in a high-pressure environment with tight timeframes
• Prior experience executing vulnerability assessment activities
• Technical security certifications preferred, such as GPEN, CISM, and/or CISSP
• Displays a proven track record in executing vulnerability assessment activities