Vulnerability Management Analyst - (TS required, eligible for SCI)

Washington, DC

Full Time

Mid Level

SECURITY CLEARANCE REQUIREMENT: TS, WITH SCI ELIGIBILITY
***POSITION REQUIRES US CITIZENSHIP***
Position Title: Vulnerability Management Analyst

Location: Washington DC (on-site)
Salary Range: $140K - $160K based on experience

Position Description:

We are seeking a Mid Level ISSE to carry out the following duties and responsibilities:

Services to support Information System Engineering performed by the Information System Security Engineer (ISSE) at a minimum, shall consist of the following activities:
Identify information protection needs for an IS and Network Environment
Define IS and Network Environment security requirements in accordance with applicable cybersecurity requirements
Design security architectures for use within the IS and Network Environment
Design and develop cybersecurity-enabled products for use within an IS and Network Environment
Integrate and/or implement security with Cross Domain Solutions (CDS) for use within an IS and Network Environment
Develop and implement security designs for new or existing network system(s). Ensure that the design of hardware, operating systems, and software applications adequately address cybersecurity requirements for the IS and Network Environment
Design, develop, and implement network security measures that provide confidentiality, integrity, availability, authentication, and non-repudiation
Design, develop, and implement specific cybersecurity countermeasures for the IS and Network Environment
Develop interface specifications for the IS and Network Environment
Develop approaches to mitigate IS and Network Environment vulnerabilities and recommend changes to network or network system components as needed
Ensure that network system(s) designs support the incorporation of client directed cybersecurity vulnerability solutions

Qualifications:

Required:

Current U.S. Government Top Secret Clearance w/ SCI and a CI-Polygraph eligibility
Must be a U.S Citizen
Minimum 5 years’ experience, or equivalent education/experience; Doctorate plus 4 years; Master’s plus 3 years; Associates plus 7 years; or H.S./GED plus 10 years
Experience performing vulnerability scans, implementing, or overseeing vulnerability assessment, and conducting risk assessments in a large enterprise
Highly self-directed problem solver who thrives in ambiguity and requires minimal supervision
Able to navigate limited tooling, incomplete information, and operational constraints to design creative, scalable, and increasingly automated solutions that streamline vulnerability management workflows
Ability to monitor for vulnerabilities within applications, endpoints, databases, networking, and mobile and cloud services
Ability to pivot to emerging vulnerabilities and exigent issues that may arise
Communicating complex security issues to business owners at their level of knowledge
Ability to manage a formal exception process
Strong written and oral communication skills across varying levels of the organization
Well-organized with keen attention to detail
Capable of maintaining accurate asset inventory
Comfortable presenting reports to cross functional teams and upper management
Proficient with commercial and open-source vulnerability management solutions
Familiarity with the use and operation of security tools including Tenable Nessus and/or Security Center, IBM Guardium, HP WeblInspect, Network Mapper (NMAP), and/or similar applications
Hold at least one of the following certifications:
- Certified Information Systems Security Professional (CISSP) (or Associate)
- CompTIA Advanced Security Practitioner (CASP) CASP CE
- Certified Secure Software Lifecycle Professional (CSSLP)
- CISSP- Information System Security Engineering Professional (ISSEP)
- CISSP- Information System Security Architecture Professional (ISSAP)

Desired:

Experience administrating vulnerability management tools such as Tenable
Experience with vulnerability management across AWS, Azure or Google Cloud Platform
Ability to build lasting relationships with outside teams
A bachelor’s and/or advanced degree in computer science, business management, or IT-related discipline

Employee Benefits:

Competitive salary for well qualified applicants
401(k) plan
Annual performance bonus
Certification and advanced degree attainment bonuses
Student Loan / Tuition reimbursement
Health Care Insurance (medical, dental, vision)
Up to four weeks of paid vacation
10 Federal Holidays, and 3 Floating Holidays
Team bonding events

RedTrace Technologies is an EOE employer.

Apply for this position

Required*

First Name*

Last Name*

Email Address*

Phone*

Address

Resume*

We've received your resume. Click here to update it.

Attach resume or Paste resume

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Are you currently a U.S. Citizen?* YesNo

Have you, in the last 12 months, been denied a security clearance for any reason?* YesNo

Do you currently possess a TS Secret security clearance as outlined in the job posting?*

What are your salary requirements?*

The following questions are entirely optional.

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.

Gender

Race/Ethnicity

Invitation for Job Applicants to Self-Identify as a U.S. Veteran

A “disabled veteran” is one of the following:
- a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
- a person who was discharged or released from active duty because of a service-connected disability.
A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran status

I IDENTIFY AS ONE OR MORE OF THE CLASSIFICATIONS OF PROTECTED VETERAN LISTED ABOVE
I AM NOT A PROTECTED VETERAN
I DON’T WISH TO ANSWER

Human Check*

Submit Application

RedTrace Technologies Inc

Thanks for visiting our Career Page. Please review our open positions and apply to the positions that match your qualifications.

Vulnerability Management Analyst - (TS required, eligible for SCI)

Apply for this position