G269ISSE1 - Vulnerability Assessment Analyst - Cleared

• Maintain and optimize the Tenable Security Center infrastructure.
• Conduct regular security patching, assessments and scans on Linux Security Center servers using Tenable Nessus.
• Mitigate STIGS/Vulnerabilities on Tenable Linux Security Center Servers and Windows/Linux Nessus Scanning Servers.
• Install and update Tenable Nessus Software on Linux/Windows Scanning Servers.
• Install and update Tenable Security Center Software on Linux Servers.
• Configure and fine-tune scanning policies and asset lists to ensure thorough vulnerability coverage.
• Keep abreast of the latest Tenable Security Center features and updates.
• Perform regular vulnerability assessments of multiple device types and Operating Systems using Tenable Security Center.
• Utilize Nessus Scanning Tool to identify vulnerabilities across customer assets on a Continuous Monitoring basis.
• Review Nessus/ACAS scan results and provide direction where required.
• Recognizes potential, successful, and unsuccessful scan results for efficiency in reporting compromises thorough reviews and analyses of relevant event detail and summary information.
• Analyze scan results and generate comprehensive vulnerability reports.
• Monitor and track vulnerability remediation progress.
• Collaborate with other teams to ensure timely vulnerability remediation.
• Communicate effectively with stakeholders about the security posture and potential risks.
• Prepare and deliver clear and concise reports to management and stakeholders.
• Maintain accurate records of security incidents and vulnerabilities.

Requirements

TS/SCI with poly required

• 7 years of related experience and a Bachelor of Science.
• 4 additional years of experience can be substituted for a degree.
• Familiarity with STIGs, Tenable Audit files, and / or CIS Benchmarks
• Hands-on operational experience with enterprise vulnerability management and scanning solutions, such as Tenable
• Knowledge of system and application security threats and vulnerabilities
• Working knowledge of networking, Linux/Unix, Windows administration, patch deployment and system configuration
• Certified Ethical Hacker

One of the Following Certifications is Required:

• A+
• Network+
• CCNA Security
• CySA+
• GICSP
• GSEC
• Security+
• CND
• SSCP
• CASP
• CCNP Security
• CISA
• CISSP
• GCED
• GCIH
• CCSP

Desired:

• In-depth knowledge of vulnerability assessment methodologies, tools, and best practices
• Self-starter, ability to work effectively both independently and as part of a team including the ability and desire to own every aspect of a task from start to finish
• Strong analytical and problem-solving abilities, with a keen attention to detail

Benefits