Vulnerability Management Analyst

Overview

Amyx is seeking to hire a remote Vulnerability Management Analyst to support the Document Automation Content Service (DACS) project. This role focuses on vulnerability management for assigned web applications, analyzing vulnerabilities, assessing risk, and facilitating remediation efforts. The analyst will collaborate with stakeholders to ensure compliance with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG) and DLA/DOD information security policies.

Responsibilities

• Responsibilities and Daily Tasks:

  • Serve as the primary vulnerability management analyst for assigned web applications.
  • Analyze identified vulnerabilities, assess associated risks, and recommend mitigation strategies.
  • Use web application vulnerability scanners to discover vulnerabilities and manually review applications to identify risks.
  • Collaborate with stakeholders and mission partners to prioritize remediation efforts based on risk assessments.
  • Ensure implementation of appropriate security settings and compliance with DISA STIGs and DLA/DOD security policies.
  • Validate remediation actions, confirm compliance with security policies, and provide regular security and compliance reports.
  • Track and report security issues, coordinating with stakeholders to drive resolution.
  • Provide technical guidance and recommendations to improve security posture and mitigate risks.
  • Must have the ability to communicate accurate information

  Supported Technologies:

  • Web application vulnerability scanners (e.g., Nessus, Acunetix, or similar tools).
  • .NET framework and associated applications.
  • Windows Server operating systems.
  • OpenText suite of applications.
•  

Qualifications

Experience:

• Five (5) years of progressive, relevant experience in the field of Information System Security.
• Hands-on experience with web application vulnerability scanners.
• Experience working with .NET, Windows Server OS, and OpenText suite of applications.

Security/Certification Requirements:

• Active DoD SECRET Clearance and eligibility for an IT-II clearance upon assignment.
• Relevant certification from a nationally recognized technical authority.
• DoD Approved 8570 Baseline Certification: Category IAM Level II.( CISM, CISSP (or Associate), GSLC, or CCISO))

Technical Expertise:

• Strong understanding of web application vulnerabilities, risk characterization, and remediation techniques.
• Familiarity with DISA STIG compliance and remediation processes.

Benefits include:

• Medical, Dental, and Vision Plans (PPO & HSA options available)
• Flexible Spending Accounts (Health Care & Dependent Care FSA)
• Health Savings Account (HSA)
• 401(k) with matching contributions
• Roth
• Qualified Transportation Expense with matching contributions
• Short Term Disability
• Long Term Disability
• Life and Accidental Death & Dismemberment
• Basic & Voluntary Life Insurance
• Wellness Program
• PTO
• 11 Holidays
• Professional Development Reimbursement

Please contact talent@amyx.com with any questions!

Amyx is an Equal Opportunity employer. Amyx is committed to providing equal employment opportunity to all job seekers. Every qualified applicant receives focused consideration for employment and no one is discriminated against on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status. In addition to federal law requirements, Amyx complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Equal Opportunity Employer- Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity. Amyx is an E-Verify employer.Amyx proudly and proactively takes affirmative action to advance employment of individuals who are minorities, women, protected veterans and individuals with disabilities. Physical DemandsEmployee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear. Most positions require ability to work on desktop or laptop computer for extended periods of time reading, reviewing/analyzing information, and providing recommendations, summaries and/or reports in written format. Must be able to effectively communicate with others verbally and in writing. Employee may be required to occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Regular and predictable attendance is essential.