In support of a premier Law Enforcement agency, we are looking to expand our industry-leading, high-impact, Blue Team. The Enterprise Vulnerability Scanning Analyst will perform the following duties:
- Monitor, analyze, and detect Cyber events and incidents within information systems and networks under general supervision.
- Assist with integrated, dynamic Cyber defense, coordinate and maintain security toolsets to support organizations’ continuous monitoring and ongoing authorization programs.
- Develop security assessment plans for systems, including the objectives, scope, schedule, required documentation, possible risks, and other logistical items for security assessments; develops cloud service provider testing approach from security perspective.
- Provides validation of security control tests for cloud service provides; coordinating access to systems and approvals for scanning activities.
- Conducts ad hoc testing on an as-needed basis to assist with development activities or vulnerability remediation.
- Reviews/tests system security controls (managerial, operational, and technical) to determine adequacy against federal requirements (e.g., NIST SP 800-53) and mission context.
- Documents plans of action and milestones for corrective action following assessment activities and in response to identified vulnerabilities.
- Drafts security policies and procedures including the system security plan, and agency specific policies in accordance with NIST requirement.
- Routinely conducts risk assessments to quantify impacts of vulnerabilities.
Additional Blue Team activities that may be supported:
- Identification and Validation of Security Flaws
- Network Mapping / Network Analysis
- Vulnerability Analysis
- Pen-testing network filters and security countermeasures
- Threat Hunting
- Incident Response
- Forensic Analysis