Vulnerability Assessment Engineer
9/23/16
ManTech (www.mantech.com)
Other
/yr
Full Time
Employee
Contractor
Washington
United States
Become an integral part of a diverse team that leads the world in the Mission, Cyber, and Intelligence Solutions group. At ManTech International Corporation, you ll help protect our national security while working on innovative projects that offer opportunities for advancement.
Currently, ManTech is seeking a motivated, career and customer oriented Vulnerability Assessment Engineer to join our team in the Washington, DC area to provide unparalleled support to our customer and to begin an exciting and rewarding career within ManTech. The selected individual will wok on the FBI Vulnerability Assessment Team (SAT) and appropriately contribute to the daily workload of a highly-skilled and diverse group of security assessment testers.
Responsibilities include, but are not limited to:
- Perform quarterly vulnerability scans and analysis of scans of FBI enterprise systems and applications
- Conduct vulnerability and/or compliance assessments
- Ensure that SOP's are updated and followed accordingly
Support compliance activities for information systems and applications being accredited through the FBI C&A process - Support RiskVision Team in integrating automated capability to caputre vulnerability scan results
- Support all IA SAA activities throughout the SAA process and ensure that all documentation is developed and maintained
- Perform IS penetration testing as directed
- Ensure that the SAT Lab is configured and maintained, to include hardware (server and laptop) and software inventories, server and VMWare configuration management, patching, etc
- Support all IA SAA activities throughout the SAA process and ensure that all documentation is developmed and maintained
- Perform compliance assessments and test new systems
- Develop Plan of Actions & Mitigations as needed
- Implement and maintain an effective security program
- Ensure that all FISMA requirements and documented and submitted on schedule
- Initiate, with approval from the FBI PM or Team Lead, any corrective measures when vulnerabilities are discovered
- Maintain the inventory and software baseline of systems/software used to scan non-enterprise information systems and application
- Support the security posture of the FBI through analysis of vulnerabilities of systems that host critical informaion.
- This may include evaluating underlying vulnerabilities within Unix-like environments
- Use of Risk Vision to generate a Security Assessment Plan and Security Assessment Report
- Monitor and evaluate a system's compliance with IT security, resiliance and dependability requirements
- Provide an accurate technical evaluation of the software application, system, or network, documenting the security posture, capabilities and vulnerabilities against relevant information assurance policies
Position Requirements:
- Bachelors degree and six or more years of experience
- Must possess excellent oral and written communication and time-management skills
- Thorough technical proficiency with common commercial and or open source vulnerability assessment tools and techniques used for evaluating operating systems, networking devise, databases and web applications
- Broad knowledge of security best practices, security solutions, and methodologies for conducting advance security assessments, to include manual assessments and malicious user testing
- Strong understanding of NIST Special Publications 800-37, 800-53 and 800-118
- Experience with at least 3 of the following applications: Agiliance Risk Vision, Application Security (AppDetective), DB Protect, Cenzic Hailstorm, HP WebInspect, Tenable Nessus Vulnerability Scanner, Tenable Security Center or NMAP
- Must have one of the following certifications; CISSP, GCIH, GPEN, GWAPs
Security Requirements:
US Citizenship and active TS clearance and SSBI
To apply for this job, contact:
Human
Resources