Nessus Administrator

essus Administrator

Oneida Technical Solutions, LLC (OTS) has a rich history of providing IT support and associated services in highly complex, highly regulated, highly secure environments, including the U.S. Department of Defense (DoD), law enforcement, health care, retail, and the casino gaming industry. We have an exciting opportunity to support the Air Force Enterprise IT as a Service (EITaaS) Wave 1, specifically advancing the solution for bringing the EITaaS IT Service Management offerings to SIPR.

We are currently seeking a Nessus Administrator for an onsite position in Chantilly, VA. We are seeking a skilled Nessus Administrator to manage, configure, and optimize our Nessus vulnerability scanning and assessment platform. The Nessus Administrator will be responsible for ensuring that Nessus is effectively integrated into the organization's vulnerability management processes, running regular scans, troubleshooting issues, and providing detailed reports. This role is pivotal in helping maintain the security posture of our network infrastructure by identifying, assessing, and remediating vulnerabilities.

• Minimum of 10+ years' experience managing vulnerability scanning tools, with a focus on Nessus.
• DoD 8140 compliance, CompTIA Security + or higher
• Must have Active Secret Clearance
• Proven experience administering and configuring Nessus servers, scanners, and plugins
• Experience working with large-scale environments, conducting network vulnerability assessments, and remediating findings.
• Strong understanding of vulnerability management, risk assessment, and remediation processes.
• Familiarity with scripting languages (Python, Bash) for automation of Nessus tasks is a plus.
• Strong troubleshooting and analytical skills to resolve Nessus-related issues and challenges.
• Ability to work effectively in cross-functional teams and support vulnerability management efforts.
• Strong written and verbal communication skills, particularly in explaining technical findings to non-technical stakeholders.
• Ability to manage multiple scanning tasks and projects simultaneously, with a focus on deadlines and priorities
• Key Responsibilities:
  • Installation and Configuration:
    • Install and configure Nessus, Nessus Manager, Nessus Agents, Log Correlation Engine, Nessus Network Monitor, and Security Center on Linux/Unix and Windows environments
    • Install and configure Nessus Agents
    • Secure Tenable servers and enable TLS
  • Integration and Management:
    • Integrate Tenable products with LDAP, Active Directory, and CyberArk
    • Create and manage Tenable Organizations, Repositories, and Scan Zones
    • Manage local and LDAP-based user accounts
    • Configure Tenable plugins/feeds and add audit files
    • Handle product licensing (online and offline)
    • Add scan policies, audit policies, and credentials to Security Center and Nessus Manager
    • Configure Nessus Manager scan pulls to Security Center
  • Security Analysis:
    • Define and implement scan policies and audit policies
    • Add and manage scan credentials
    • Schedule and execute vulnerability scans
    • Generate, import, and upload scan reports for vulnerability assessment
    • Analyze and validate scan results
  • Maintenance and Support:
    • Provide O&M services for Phase 1 tools in the EITaaS Enterprise solution
    • Troubleshoot issues and optimize system performance
    • Stay current with Tenable product updates and security best practices

Qualifications:

• Education:
  • Bachelor's degree in Computer Science, Information Security, Information Technology, or a related field are a plus.
  • Relevant certifications such Certified Ethical Hacker (CEH), or GIAC Security Essentials (GSEC) are a plus.

• Certifications:
  • CompTIA Security+
  • Tenable Certified Nessus Expert (TCNE) or other relevant certifications a plus.
  • Additional certifications such as CISSP, CISM, or CCSP are highly preferred.

Oneida Technical Solutions, LLC is an equal opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, gender identity, genetic information or any other protected characteristic under applicable law.

#CJ