Millennium Corporation is hiring a Blue Team - Enterprise Vulnerability Scanning Analyst in Washington, DC. Candidate must have an active Top Secret Clearance with eligibility to obtain SCI/CI Poly.

In support of a premier Law Enforcement agency, we are looking to expand our industry-leading, high-impact, Blue Team.  The Enterprise Vulnerability Scanning Analyst will perform the following duties:

• Monitor, analyze, and detect Cyber events and incidents within information systems and networks under general supervision.
• Assist with integrated, dynamic Cyber defense, coordinate and maintain security toolsets to support organizations’ continuous monitoring and ongoing authorization programs.
• Develop security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments; develops cloud service provider testing approach from security perspective.
• Provides validation of security control tests for cloud service provides; coordinating access to systems and approvals for scanning activities.
• Conducts ad hoc testing on an as-needed basis to assist with development activities or vulnerability remediation.
• Reviews/tests system security controls (managerial, operational, and technical) to determine adequacy against federal requirements (e.g., NIST SP 800-53) and mission context.
• Documents plans of action and milestones for corrective action following assessment activities and in response to identified vulnerabilities.
• Drafts security policies and procedures including the system security plan, and agency specific policies in accordance with NIST requirement.
• Routinely conducts risk assessments to quantify impacts of vulnerabilities.

Additional Blue Team activities that may be supported:

• Identification and Validation of Security Flaws
• Network Mapping / Network Analysis
• Vulnerability Analysis
• Pen-testing network filters and security countermeasures
• Threat Hunting
• Incident Response
• Forensic Analysis

• Candidate must have an active Top Secret Clearance and be eligible to obtain SCI/CI Poly after starting.
• Bachelor's (or equivalent) with 5+ years of experience, or a Master's and 3+ years of experience.
• SPECIALIZED experience in Vulnerability Scanning and Analysis
• Candidates should be able to apply and understand a wide range of technical principles, theories and concepts.
  
• Shall possess one or more of the following certifications:
  • (ISC)2 Certified Information Security Professional (CISSP)
  • ISACA Certified Information Systems Auditor (CISA)
  • SANs GIAC certification ( e.g., GPEN or GW APT)
  • Offensive-Security Certified Professional (OSCP)
  • EC-Council Certified Ethical Hacker (CEH)

• Must be comfortable with prolonged periods of sitting at a desk and working on a computer.
• Must be able to lift up to 10-15 pounds at a time.

Up to 10% travel required