Summit Technologies, Inc. is looking fora Vulnerability Scan Analyst to assist others with the scan environment, troubleshoot issues, and facilitate vulnerability problem resolution with applicable service desks. You must be a US citizen, as this is part of a government contract that requires a Secret security clearance.
Duties and Responsibilities:
- Operate, maintain, and administer approved security scanners to plan, create, manage, and retire scheduled or ad hoc scan and scan groups for workloads across NIPRNet and SIPRNet.
- Develop, distribute, and manage execution against the schedule of vulnerability scans.
- Maintain and ensure scans, accounts, and configurations are set in accordance with best practice guides and privileged access policies and procedures.
- Analyze mission requirements and organizational feedback to create, maintain, and improve scan results.
- Test and evaluate scanning tools and configurations.
- Maintain Mission Partner point of contact information, Internet Protocol (IP) ranges, and website/Universal Resource Locator (URL) information on the Data site via SharePoint.
- Create and deliver a Collective Trend Analysis Report and trend analysis including resolution data aimed at influencing the development of security strategies.
- Determine Ports/Protocols and Services Management (PPSM) compliance; provide mitigations, strategies, and false positive determinations.
- Create and deliver vulnerability scan reports, no later than two weeks after the scan is complete.
- When initiated by the Mission Partner, assist with a review of the report (i.e., answer questions, identify what was scanned, assist if assets were skipped).
Required Experience and Skills:
- Minimum 4 years of Cybersecurity/Vulnerability Scanning experience.
- Proficiency with MS Office Suite products and SharePoint collaborative tools.
- Experience with STIGs and by-product analysis.
- Working knowledge of government cybersecurity policies and procedures.
- Strong interpersonal and communication skills (oral and written).
Education:
- A Bachelor’s degree in fields such as Information Technology, Cybersecurity, or Computer Science; Or CEH certification.
Certification:
- 8570 IAT Level II (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CNS, SSCP).
Security Clearance:
- DoD Secret security clearance