Vulnerability Manager
3 weeks ago
As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies
Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace
The company serves as a valued partner to essential government agencies and supports every branch of the U.S
armed forces
Each day, our employees do the can't be done by solving the most daunting challenges facing our customers
Visit peraton.com to learn how we're keeping people around the world safe and secure.
Responsibilities Key Responsibilities:
• Developing strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders.
* Maintaining appropriate management reporting mechanisms to facilitate communication of the vulnerability management program state across multiple levels within the organization.
* Coordinating and collaborating with Senior Compliance Manager to correctly configure and operate the automated testing cybersecurity readiness platform.
• Improving Vulnerability Identification, Management and Remediation of any discovered vulnerability in accordance with SLAs.
• Working closely with both government and leads technology-oriented personnel to ensure adequate processes are in place and actions are being taken to mitigate identified risks proactively.
* Using various tools such as ServiceNow, Splunk, and Office Automation to perform vulnerability management duties.
* Performing technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (i.e., local computing environment, network and infrastructure, enclave boundary, and supporting infrastructure)
* Implementing and managing a POA&M process for remediation by creating a POA&M for each known vulnerability and security weakness.
• Providing a detailed vulnerability scan report of the results gathered from the initial aggregation of the patch management cycle.
• Collecting, aggregating, and reviewing Intrusion Detection System/Intrusion Prevention System (IDS)/IPS) security-relevant devices within the centralized Security Incident Event Management (SIEM) system.
• Developing vulnerability and security compliance procedures in accordance with agency policies and DHS requirements.
* Conducting vulnerability scanning and analysis continuously, in accordance with agency and other government directed requirements.
• Utilizing a Common Vulnerability Scoring System (CVSS) to assess, prioritize, mitigate, and remediate any discovered vulnerabilities and known exploited vulnerabilities (KEV), per SLAs.
• Responding to major incidents requiring coordination with different offices, divisions, or agencies.
* Managing the security vulnerabilities and risks across network including identifying, supporting application/system owners to manage risks and remediate vulnerabilities.
*Contingent on Contract Award* Qualifications Basic Qualification:
• U.S
Citizen; eligible for U.S
Secret Security Clearance.
* 6 years' experience, or BS/BA with 2 - 11 years, or MS with 1 - 9 years, or PhD with 1 - 3 years of experience; four (4) years of experience can be substituted in lieu of a bachelor's degree.
* Working knowledge of security tools, e.g., Qualys and Tenable Nessus to provide real-time view of IT assets, network security events, and consolidated vulnerability and compliance data.
* Knowledge of common information security management frameworks such as CIS Controls, ITIL, NIST or other leading frameworks.
* Knowledge of information security principles and practices to include, but not limited to, the following areas: Vulnerability Scanning; Security Information and Event Management; Host Based Security; Malware Prevention
* An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood and actionable manner.
* Hold any security related certification such as CISSP, CISA, SCA, CSAM, VMDR, Security+.Preferred Qualification:
• Active Secret Security Clearance.
* Highly self-motivated and adaptable to learning and understanding new technologies.
* CISSP, SCA
Target Salary Range $86,000 - $138,000
This represents the typical salary range for this position based on experience and other factors
SCA / Union / Intern Rate or Range EEO An Equal Opportunity Employer including Disability/Veteran
Our Values Benefits At Peraton, our benefits are designed to help keep you at your best beyond the work you do with us daily
We're fully committed to the growth of our employees
From fully comprehensive medical plans to tuition reimbursement, tuition assistance, and fertility treatment, we are there to support you all the way.
• Paid Time-Off and Holidays
* Retirement
* Life & Disability Insurance
* Career Development
* Tuition Assistance and Student Loan Financing
* Paid Parental Leave
* Additional Benefits
* Medical, Dental, & Vision Care
-
Vulnerability Manager
4 weeks ago
Washington, Washington, D.C., United States SAIC Career Site Full timeDescription SAIC is looking for a Vulnerability Manager to join our team supporting a US Government Agency in the National Capital Region. This is an exciting opportunity to lead a team delivering Vulnerability Management Services by conducting scanning and reporting on the Agency's IT infrastructure and business systems.**On site work will be required 2...
-
Vulnerability Assessment Analyst
2 weeks ago
Washington, DC, United States ActioNet Full timeDescriptionActioNet has an immediate opportunity for a Vulnerability Assessment Analyst requiring Public Trust in The Washington DC metropolitan area. ActioNet is an IT service provider and solutions integrator headquartered in Vienna, VA, that works with the Federal Government and the Department of Defense. In this role, you will perform assessments of...
-
Mitigation & Vulnerability SME
2 weeks ago
Washington, United States SiloSmashers Full timeJob DescriptionJob DescriptionkGENERAL POSITION DESCRIPTIONThe Mitigation and Vulnerability SME Level III will support an Operations & Maintenance team as a part of a large, complex cybersecurity, engineering and PMO contract for a federal customer.The Mitigation and Vulnerability SME Level III will be responsible for coordinating and streamlining the...
-
IT Security Vulnerability Management Specialist
2 weeks ago
Washington Highlands, Washington, D.C., United States OCT Consulting, LLC Full timeOCT Consulting, LLC is an SBA-certified, 8(a) small business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology. OCT is currently...
-
Senior Vulnerability Analyst
14 hours ago
Washington, United States Science Applications International Corporation Full timeAs a Cybersecurity Analyst, you will play a crucial role in supporting IT Security management by conducting technical review, analysis, reporting, and working with technical solutions in the areas of vulnerability management, issue analysis, and resp Vulnerability, Security Analyst, Senior, Project Management, Operations, Cybersecurity Analyst
-
Vulnerability Analyst
6 days ago
Washington, United States Techcella Full timeCompany DescriptionTechcella is a niche organization providing our business partners with unparalleled service and delivery of projects in a short period of time. Our specialized staff has extensive experience in several domains in the market, including Federal Government, telecommunications, finance, defense, e-commerce, and education. We pride ourselves on...
-
Vulnerability Analyst
3 days ago
Washington, United States Techcella Full timeCompany DescriptionTechcella is a niche organization providing our business partners with unparalleled service and delivery of projects in a short period of time. Our specialized staff has extensive experience in several domains in the market, including Federal Government, telecommunications, finance, defense, e-commerce, and education. We pride ourselves on...
-
Vulnerability Analyst
1 week ago
Washington, United States Techcella Full timeCompany DescriptionTechcella is a niche organization providing our business partners with unparalleled service and delivery of projects in a short period of time. Our specialized staff has extensive experience in several domains in the market, including Federal Government, telecommunications, finance, defense, e-commerce, and education. We pride ourselves on...
-
Vulnerability Analyst
1 week ago
Washington, United States Techcella Full timeCompany DescriptionTechcella is a niche organization providing our business partners with unparalleled service and delivery of projects in a short period of time. Our specialized staff has extensive experience in several domains in the market, including Federal Government, telecommunications, finance, defense, e-commerce, and education. We pride ourselves on...
-
Senior Vulnerability Analyst
3 days ago
Washington, United States SAIC Full timeDescription SAIC is seeking a highly skilled Senior Vulnerability Analyst with a strong technical background to join our team in support of a critical US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for Patch and Vulnerability Management, contributing to the security and integrity of vital...
-
Senior Vulnerability Analyst
3 weeks ago
Washington, Washington, D.C., United States SAIC Career Site Full timeDescription SAIC is seeking a highly skilled Senior Vulnerability Analyst with a strong technical background to join our team in support of a critical US government agency in the National Capital Region. This is an exciting opportunity to work with a team responsible for Patch and Vulnerability Management, contributing to the security and integrity of vital...
-
Cyber Vulnerability Analyst
3 weeks ago
Washington, United States Information Protection Solutions Full timeJob DescriptionJob DescriptionRESPONSIBILITYAnalyze and manage risk management issues by identifying, measuring, and making decisions on operational or enterprise risks for an organization. Conduct web application and code testing for all systems and applications, and open source dependencies, providing analysis and risk assessments for vulnerabilities...
-
Senior Vulnerability Analyst
2 weeks ago
Washington, United States Summit Technologies Full timeSummit Technologies, Inc. is looking for a Senior Vulnerability Analyst. You will support IT Security management by conducting technical reviews, analyzing, reporting, and utilizing technical solutions in the areas of vulnerability management, issue analysis, response development and execution. This position requires working 2 days per week on site and is...
-
Senior Vulnerability Analyst
3 weeks ago
Washington, United States Summit Technologies, Inc. Full timeJob DescriptionJob DescriptionSummit Technologies, Inc. is looking for a Senior Vulnerability Analyst. You will support IT Security management by conducting technical reviews, analyzing, reporting, and utilizing technical solutions in the areas of vulnerability management, issue analysis, response development and execution. This position requires working 2...
-
Washington, Washington, D.C., United States ASRC Federal Holding Company Full timeASRC FEDERAL Broadleaf Division is seeking a Vulnerability and Patch Management Engineer for our contract located at the Pentagon.JOB DESCRIPTION: The candidate shall have an in-depth knowledge of multi-platform engineering; planning, coordinating, and executing patch management operations, creating baselines and configuring hardened systems. Candidate will...
-
Washington, United States ASRC Federal Holding Company Full timeASRC FEDERAL Broadleaf Division is seeking a Vulnerability and Patch Management Engineer for our contract located at the Pentagon. JOB DESCRIPTION : The candidate shall have an in-depth knowledge of multi-platform engineering; planning, coordinating, and executing patch management operations, creating baselines and configuring hardened systems....
-
Vulnerability Assessor Sr
2 weeks ago
Washington, United States Gray Tier Technologies LLC Full timeGray Tier Technologies is seeking a Senior Vulnerability Assessor with an active Secret clearance to support our DOI customer's Security Operation Center in DC or Reston Virginia. The Department of the Interior (DOI) protects America's natural resources and heritage, honors our cultures and tribal communities, and supplies the energy to power our future....
-
Vulnerability Assessor Sr
3 days ago
Washington, United States Gray Tier Technologies LLC Full timeGray Tier Technologies is seeking a Senior Vulnerability Assessor with an active Secret clearance to support our DOI customer's Security Operation Center in DC or Reston Virginia. The Department of the Interior (DOI) protects America's natural resources and heritage, honors our cultures and tribal communities, and supplies the energy to power our future....
-
Washington, United States ASRC Federal Holding Company Full timeJOB DESCRIPTION: The candidate shall have an in-depth knowledge of multi-platform engineering; planning, coordinating, and executing patch management operations, creating baselines and configuring hardened systems. Candidate will have strong experience with centrally managed Linux and Window systems patched through automated processes or in some cases...
-
Senior Risk
3 weeks ago
Washington Highlands, Washington, D.C., United States OCT Consulting, LLC Full timeOCT Consulting, LLC is an SBA-certified, 8(a) small business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Management, Acquisition/Procurement, and Information Technology. OCT is currently...