Risk Vulnerability Assessment Analyst/Specialist

At The One 23 Group, our mission is to set the benchmark for excellence in government services. We empower our clients in the Department of Defense, Intelligence Community, and Federal Civilian sectors to excel with our advanced capabilities. Our dedication lies in fostering a people-first culture, underpinned by steadfast ethical principles. Embracing innovative technologies and process improvements, we are steadfast in our journey toward a future that is both bright and transformative.

Our expertise spans consulting and analytics, digital workplace solutions, and cyber compliance. With our global footprint, we place a strong emphasis on nurturing our people and culture, which forms the core of our successful strategies in leadership and financial management. We pride ourselves on our extensive experience and effective approach, ensuring that we lead with both innovation and integrity.

The One 23 Group, a Virginia-based Government Contractor, seeks a TOP SECRET/SCI Cleared Risk Vulnerability Assessment Analyst/Specialist local to Washington DC Metropolitan area. 

We are seeking a Risk Vulnerability Assessment Analyst/Specialist who will be responsible for conducting vulnerability assessments and penetration tests on various systems, applications, and infrastructure. This role involves analyzing cyber risks, assessing vulnerabilities, and providing detailed recommendations for remediation. The analyst works closely with leadership to ensure cybersecurity policies are met, performs continuous assessments of risks, and contributes to the cybersecurity lifecycle process, ensuring compliance with security standards.

Key Responsibilities:

• Vulnerability Assessments: Perform regular vulnerability assessments and penetration testing on infrastructure systems to identify weaknesses and security risks.
• Risk Evaluation & Mitigation: Evaluate, rate, and prioritize risks associated with infrastructure assets, and provide recommendations for remediation or mitigation.
• Client & Leadership Support: Provide advice and assistance to clients and leadership to ensure adherence to security policies and procedures and facilitate compliance with industry standards.
• Cybersecurity Consulting: Offer cybersecurity consulting services throughout the security assessment and compliance life cycle, helping organizations maintain strong security postures.
• Data Analysis: Conduct data gathering, research, and analysis as part of threat, vulnerability, risk, and maturity assessments, applying critical thinking to identify and close gaps in cybersecurity practices.
• Program Improvement: Develop implementation plans for the improvement of risk management programs, contributing to innovation and continuous improvement efforts.
• Compliance Auditing: Maintain and ensure adherence to Computer Network Defense (CND) policies, regulations, and compliance documents, with a focus on CND auditing.
• Policy Adherence: Ensure the organization complies with cybersecurity policies, frameworks, and regulatory requirements. 

Qualifications:

• Education: Bachelor's degree in Computer Science, Information Systems, or a related technical field. 
• Experience:
• Minimum of three (3) years of experience in cybersecurity, risk assessment, and vulnerability management.
• Understanding of how network traffic flows across the network and Internet Protocol (IP).
• Familiarity with the Open Systems Interconnection (OSI) model.
• Knowledge of the Information Technology Infrastructure Library (ITIL) v3.
• Strong understanding of network protocols and security architecture concepts.
• Knowledge of Information Assurance (IA) principles and organizational security requirements.
• Familiarity with network access, identity, and access management practices.

Certifications: 

· REQUIRED – Must possess at least one of the following:

· Certified Information Systems Security Professional (CISSP) 

· Certified Ethical Hacker (CEH)

· Certified Information Security Manager (CISM)

· CompTIA Security+/ CompTIA Cybersecurity Analyst (CySA+)

Clearance: 

Must possess an active TOP SECRET/SCI clearance.