Senior Scanner/ Analyst

Gray Tier Technologies is seeking a Sr. Scanner/Analyst to join our growing team in support of a Security Operations Center on a newly awarded contract. The ideal candidate will have experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).

Responsibilities
• Provide onsite and remote vulnerability scanning and assessment capabilities as a sustained, full-time program independent of incident detection, recovery, or reporting activities
• Work with system owners, system developers, and/or system administrators, to holistically examine the security vulnerability findings and assessments of their systems, through a review of the security scans reports, as requested
• Coordinate with the Government to use these findings to inform, expand, or focus vulnerability scanning and monitoring efforts
• Create and maintain a method of tracking and reporting on trends identified in the vulnerability assessment process to improve the efficiency or reduce the cost of delivery of the service
• Document, maintain, and update processes and procedures for performing and conducting vulnerability scanning, vulnerability analyses, and risk assessments of FAA/DOT systems and networks
• Provide documentation, maintenance, and update of processes and procedures of Government-furnished vulnerability assessment tools and penetration testing tools
• Ensure all staff are trained and knowledgeable of the vulnerability scanning and penetration testing tools and in the ability to assess vulnerability scan findings
• Document vulnerability mitigation processes and procedures as a result of vulnerability findings and risk assessments for FAA/DOT systems and networks, as defined by FAA Policy and Procedures
• Document processes and procedures for reporting newly discovered (zero-day) vulnerabilities
• Ensure all vulnerability scanning tools and subsystems maintained by FAA SOC are deployed and maintained in accordance with FISMA and NIST assessment and authorization standards

Qualifications
• The ideal candidate will have experience leading a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC)
• Minimum ten (10) years IT experience
• Experience with vulnerability assessment tools including Web Inspect, Nessus and/or Found Scan
• Experience working in a SOC-type environment
• May be exposed to dust/dirt, humidity, and noise