Current jobs related to Vulnerability Assessment Engineer - Washington - ShorePoint

  • Cyber Vulnerability Assessment Expert

    2 weeks ago

    Washington, Washington, D.C., United States Peraton Full time

    Job SummaryWe are seeking a highly skilled and experienced Cybersecurity Specialist to join our team at Peraton. As a key member of our Defensive Cyber Operations team, you will be responsible for conducting penetration testing, vulnerability assessments, and security evaluations to identify and mitigate potential threats to our customers' systems and...

  • Apps and Server Vulnerability Engineer

    4 months ago

    Washington, United States Serigor Inc. Full time

    Job DescriptionJob DescriptionJob Title: Apps and Server Vulnerability Engineer (Onsite)Location: Washington, DCDuration: 12 Months+Job Description:We are looking for a talented and experienced Application and Server Vulnerability Assessment Engineer to join our team. The ideal candidate will be responsible for performing comprehensive security assessments...

  • Vulnerability Management Support Engineer

    3 months ago

    Washington, United States Coalfire Federal Full time

    Coalfire Federal is a market leading cybersecurity consultancy that provides independent and tailored advice, assessments, technical testing, and a full suite of cybersecurity engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with...

  • Vulnerability Management Support Engineer

    2 months ago

    Washington, United States Coalfire Federal Full time

    Coalfire Federal is a market leading cybersecurity consultancy that provides independent and tailored advice, assessments, technical testing, and a full suite of cybersecurity engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with...

  • Analyst IT Vulnerability Management

    2 months ago

    Washington, United States JetBlue Airways Corporation Full time

    Analyst IT Vulnerability ManagementJetBlue Airways Corporation - Washington, DCPosition Title: Analyst Vulnerability Management - Network Position SummaryAt JetBlue, cyber security is driven by the concepts of Risk Management and Threat-Informed Defense, the study of current threats, actors and techniques to prioritize risks and adapt defenses, controls and...

  • Vulnerability Management Specialist

    3 weeks ago

    Washington, Washington, D.C., United States Govcio LLC Full time

    Position Overview: GovCIO is actively seeking a Vulnerability Management Specialist. This role is integral to our mission of enhancing government IT services.Key Responsibilities: As a Vulnerability Management Specialist, you will oversee the Vulnerability Management Team, focusing on minimizing the attack surface of our global computing assets through...

  • Lead Cybersecurity Vulnerability and Penetration Testing Specialist

    3 weeks ago

    Washington, United States Sev1Tech Full time

    Position Overview Sev1Tech is seeking a Lead Cybersecurity Vulnerability and Penetration Testing Specialist to contribute to a significant program focused on network security, cybersecurity, and cloud engineering support services for a government client dedicated to safeguarding security and public safety. This role encompasses a diverse array of...

  • Cybersecurity Vulnerability Analyst

    3 weeks ago

    Washington, United States Coalfire Federal Full time

    About Coalfire FederalCoalfire Federal stands as a premier cybersecurity consultancy, delivering independent and customized guidance, evaluations, technical assessments, and a comprehensive range of cybersecurity engineering services to Federal agency clients. With a robust client portfolio and strong relationships with leading cloud and technology firms,...

  • Expert Vulnerability Researcher

    1 week ago

    Washington, United States ManTech International Corporation Full time

    Job SummaryWe are seeking a highly skilled Expert Vulnerability Researcher to join our team at ManTech International Corporation. As a key member of our cybersecurity team, you will be responsible for identifying and analyzing vulnerabilities in our systems and technologies.Key ResponsibilitiesLead efforts to identify and assess vulnerabilities in our...

  • Senior Vulnerability Code Analyst

    2 weeks ago

    Washington, United States CODICE Full time

    Job DescriptionJob DescriptionSalary: $60-$75 per hourPOSITION SUMMARY:CODICE seeks a highly skilled Senior Vulnerability Code Analyst specializing in Ruby-on-Rails to join our team. This role is critical in ensuring the security of our client’s platforms by performing thorough vulnerability code analysis prior to the deployment of every change. The ideal...

  • Senior Vulnerability Code Analyst

    4 weeks ago

    Washington, United States CODICE Full time $60 - $75

    Job DescriptionJob DescriptionPOSITION SUMMARY: CODICE seeks a highly skilled Senior Vulnerability Code Analyst specializing in Ruby-on-Rails to join our team. This role is critical in ensuring the security of our client’s platforms by performing thorough vulnerability code analysis prior to the deployment of every change. The ideal candidate will possess...

  • Security Assessment Specialist

    3 weeks ago

    Washington, Washington, D.C., United States Cyber Security Innovations Full time

    Job OverviewCyber Security Innovations is seeking a Security Assessment Specialist to become a vital part of our team for an upcoming Security and Privacy Evaluation initiative within the non-profit telecommunications sector. This role is essential in fortifying our defenses against potential technical security vulnerabilities.This position offers a hybrid...

  • Senior Manager, Threat and Vulnerability Management Expert

    3 days ago

    Washington, Washington, D.C., United States CIRCLE Full time

    About the RoleCircle is a pioneering financial technology company at the forefront of the emerging internet of money, where value can flow freely and securely. As a Senior Manager, Threat and Vulnerability Management, you will play a critical role in shaping our security strategy and ensuring the integrity of our cloud-based infrastructure.Key...

  • Senior Vulnerability Code Analyst

    2 weeks ago

    Washington, United States Educology Solutions Full time

    Job DescriptionJob DescriptionSalary: ESI is seeking a Senior Vulnerability Code Analyst to support work for one of our customers.Duties & ResponsibilitiesExtensive knowledge and hands on experience in Ruby-on-Rails.Perform vulnerability code analysis on the code running HBXs platforms.Vulnerability code analysis is expected to be performed prior to...

  • Lead Vulnerability Management Analyst

    2 weeks ago

    Washington, Washington, D.C., United States Summit Technologies, Inc. Full time

    Job OverviewSummit Technologies, Inc. is seeking a Lead Vulnerability Management Analyst to enhance our IT Security operations. This role involves conducting thorough technical assessments, analyzing vulnerabilities, and implementing effective solutions in the realm of vulnerability management and incident response. The position entails a hybrid work model,...

  • Senior Cyber Vulnerability Analyst

    3 days ago

    Washington, Washington, D.C., United States Peraton Full time

    Job SummaryWe are seeking a highly skilled Cyber Vulnerability Analyst to join our team at Peraton. As a Cyber Vulnerability Analyst, you will be responsible for identifying and assessing vulnerabilities in our customers' systems and networks.Key ResponsibilitiesUtilize offensive toolsets to safely analyze and penetration test production networks and...

  • Expert Vulnerability Researcher

    5 days ago

    Washington, Washington, D.C., United States ManTech Full time

    Secure Our Nation, Ignite Your FutureBecome an integral part of a diverse team while working at a leading organization in the cybersecurity industry, where employees are valued and empowered to excel. At ManTech, you'll contribute to protecting national security while working on innovative projects that offer opportunities for growth and...

  • Cybersecurity Assessment Specialist

    3 weeks ago

    Washington, Washington, D.C., United States Fusion Technology LLC Full time

    Job Overview Cybersecurity Assessment Specialist Are You the Right Fit? Dependable Professional: Your dependability is crucial, mirroring the confidence placed in you by governmental entities. An active Public Trust security clearance (or the capability to obtain one) is essential. Additionally, you should be eligible for Department of Homeland Security...

  • Senior Vulnerability Management Analyst w/TS Clearance

    4 months ago

    Washington, United States Arcetyp LLC Full time

    Job DescriptionJob DescriptionSalary: Arcetyp LLC is a growing small business that provides a broad range of consulting services to US Federal Government, US Military, and Commercial clients.  Services include Management & IT Consulting, Program & Project Management, and Professional & Admin Services. We are recruiting to fill a position to lead business...

  • Nessus SME

    1 week ago

    Washington, Washington, D.C., United States Gunnison Consulting Group Inc Full time

    About the RoleGunnison Consulting Group Inc is seeking a highly skilled Nessus SME to join our team. As a Nessus SME, you will be responsible for developing and implementing a vulnerability scanning strategy using Nessus, prioritizing software development assets.Key ResponsibilitiesDevelop and implement a vulnerability scanning strategy using Nessus,...

Vulnerability Assessment Engineer

4 months ago

Washington, United States ShorePoint Full time
Job DescriptionJob DescriptionSalary:

Who we are:

 

ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.  

 

The perks:


As recognized members of the Cyber Elite, we work together in partnership to defend our nation’s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certification maintenance and reimbursement, etc.


Who we’re looking for:


We are seeking a Vulnerability Assessment Engineer who has experience providing support in a dynamic, fast-paced environment within the public sector. The Vulnerability Assessment Engineer will perform comprehensive assessments that produces actionable security recommendations that are tailored to the assessed environment, to include vulnerability assessment and vulnerability management. This is a unique opportunity to join an exciting company where you will have a voice and be an active participant in driving growth and shaping our companies’ culture.


What you’ll be doing:


  • Work closely with target organizations to ensure full comprehension of the standard security controls; conduct site visits as required.
  • Assist with security controls compliance assessments using established matrixes of tailored control and provide expert support in assessments of target organizations.
  • Provide support to Vulnerability Management programs.
  • Provide support to assessed organizations to ensure proper tracking of Plan of Action and Milestone (POA&M) items.
  • Provide support and conduct annual reviews of the security controls (or some subset of the security controls) to ensure continued compliance as requested.
  • Assist with establishing footholds on endpoints within monitored organizations networks to provide day-to-day visibility into the security posture.
  • Provide expert support for the development and maintenance of develop of processes and best-practices for evaluating A&A data through a standard scorecard.
  • Utilize industry standard tools for automating the review of system configuration and security control compliance.
  • Conduct periodic NIST controls assessments in support of network authorization and continuous monitoring.
  • Provide detailed observations from controls assessments in the form of Security Assessment Report (SAR) and Risk Assessment Report (RAR) documents.
  • Employ a scan-patch-scan methodology to ensure all systems identify and receive appropriate security patches.
  • Conduct vulnerability scanning using industry standard tools (e.g., Tenable Nessus) on a weekly to bi-weekly basis.
  • Report scan result data to appropriate system administrators to aid in the deployment of system updates and patches.
  • Develop a mitigation plan detailing a prioritized timeline for patch deployment (e.g., 30-60-90-day patch deadlines based on each finding’s severity level).
  • Conduct false positive analysis and vulnerability analysis to determine the legitimacy of all detected vulnerabilities as well as prioritize their remediation.
  • Configure the identified application to effectively ingest, process, and report vulnerability data collected during assessments as well as data provided from organizations’ self-assessments.
  • Conduct long term trend analysis, identifying improvements or degradations in system security posture across the enterprise.
  • Provide dashboard views of data roll-ups from all facets of assessed systems (e.g., risk, vulnerability data, POA&M status) to present high-level executive summary reports to government leadership.


What you need to know:


  • Ability to conduct Vulnerability Assessments using industry tools - NESSUS, Tenable, etc. Experience with Tenable (Tenable.io or Tenable.sc) in an enterprise environment highly preferred.
  • Experience in vulnerability management strategies, standards, procedures and technologies across infrastructure and application-level vulnerabilities.
  • Experience scanning Windows, RHEL and Centos Operating Systems and troubleshooting scans, to include the ability to communicate with customers daily describing the results of scans.
  • Experience scanning Virtual environments to include VMware vSphere infrastructures.
  • Network devices, Databases (Oracle, MSSQL, MySql, Postgres), and websites web with Tenable.sc.
  • Intermediate to advanced knowledge of the following platforms in an enterprise environment: Windows and RHEL, routing, switching, IDS, IPS, Firewalls.
  • An understanding of mapping and scanning applications and systems, including port scanning, identifying services and configurations, application flow charting, and session analysis.


Must have’s:


  • Bachelors in Cybersecurity, Computer Science/Electrical Engineering, Engineering, or IT
  • Shall possess one or more of the following certifications: (ISC)2 Certified Information Security Professional (CISSP), ISACA Certified Information Systems Auditor (CISA), SANs GIAC certification (e.g., GPEN or GW APT), and EC-Council Certified Ethical Hacker (CEH)
  • Ability to obtain and maintain a customer required Top Secret clearance with SCI eligibility and pass a Counterintelligence (CI) polygraph.


Beneficial to have the following:

 

  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Comprehensive knowledge in the one or more of the following areas: information security, network security, Windows security, UNIX/Linux security, and web application security.
  • Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53 rev 5 and the ATO process.
  • Ability to research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits.


Where it’s done:


  • Washington, D.C.