Vulnerability Assessment Analyst (TS/SCI w/ Polygraph)

Description

About us:

COMSO, Inc. is a powerhouse when it comes to empowering federal government stakeholders to fulfill their mission with confidence and efficiency. Our staff brings knowledgeable IT systems expertise, software development proficiency, innovative learning solutions for workforce development, and exceptional operations and production support. We were founded in 1988, and remain a recognized woman owned small business, operating in several states including Maryland, Georgia, Hawaii, Texas, and Alaska. We are honored to be recognized as a Top Workplace for six years running by the Baltimore Sun Media Group.

Currently, we are seeking a Vulnerability Assessment Analyst to join our Team!

**TS/SCI w/ POLYGRAPH REQUIRED BEFORE CONSIDERATION.**

Shift: Day Shift - Mon-Fri 

Primary Responsibilities:

• Maintain and optimize the Tenable Security Center Infrastructure
• Conduct regular security patching, assessments, and scans on Linux Security Center servers using Tenable Nessus
• Mitigate STIGS/Vulnerabilities on Tenable Linux Security Center Servers and Windows/Linux Nessus Scanning Servers
• Install and update Tenable Nessus Software on Linux/Windows Scanning Servers
• Install and update Tenable Security Center Software on Linux Servers
• Configure and fine-tune scanning policies and asset lists to ensure thorough vulnerability coverage
• Keep abreast of the latest Tenable Security Center features and updates
• Perform regular vulnerability assessments of multiple device types and OS using Tenable Security Center
• Utilize Nessus Scanning Tool to identify vulnerabilities across customer assets on Continuous Monitoring basis
• Review Nessus/ACAS scan results and provide direction where required
• Recognizes potential, successful and unsuccessful scan results for efficiency in reporting compromises through reviews and analyses of relevant event detail and summary information
• Analyze scan results and generate comprehensive vulnerability reports
• Monitor and track vulnerability remediation progress
• Collaborate with ISS and other teams to ensure timely vulnerability remediation
• Communication effectively with stakeholders about the security posture and potential risks 
• Prepare and deliver clear and concise reports to management and stakeholders
• Maintain accurate records of security incidents and vulnerabilities

Required Skills:

• Familiarity with DISA STIGS, Tenable Audit files, and/or CIS Benchmarks
• Hands-on operational experience with enterprise vulnerability management and scanning solutions, such as Tenable
• Knowledge of system and application security threats and vulnerabilities
• Working knowledge of networking, Linux/Unix, Windows administration, patch deployment and system configuration

Desired Skills:

• In-depth knowledge of vulnerability assessment methodologies, tools and best practices
• Self-starter, ability to work effectively both independently and as a part of a team including the ability and desire to own every aspect of a task from start to finish
• Strong analytical and problem-solving abilities, with attention to detail 

Education & Experience:

• Bachelors degree & 7 years' experience
• No degree & 11 years' experience
• CompTIA Security+

Clearance Requirements:

• TS/SCI w/ POLYGRAPH REQUIRED BEFORE CONSIDERATION

Benefits: Medical, Dental, Vision, 401K (vested immediately), FSA, LTD/ STD, Paternal Leave, PTO, Federal Holidays to include Birthday, a 2-week Sabbatical, and Emergency Facility Closure Days.

COMSO, Inc. is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, gender identity, national origin, disability, or protected Veteran status.