The Vulnerability Assessor is responsible for the evaluation of networks and systems to identify vulnerabilities with the goal of helping an organization improve its security posture. This is a highly technical hands-on role that will utilize the knowledge of common ports, protocols and services (PPS), knowledge of system administration, operating systems and creativity skills. It is an opportunity for a team player to enhance a world-class team and learn new skills.
Conduct host/network/application vulnerability and compliance assessments as a member of a technical team
Assess networks and systems for compliance with NIST, local policies and other DOD and commercial publications
Configure, execute, validate and contextualize the output of vulnerability discovery tools such as Nmap, Nessus, Nexpose and SCAP
Work extensively from the Windows and UNIX/Linux command line (e.g. Bash and PowerShell)
Research and formulate recommendations for vulnerabilities
Employ extensive use of Microsoft Office main tools: Word, Excel, PowerPoint and Visio to prepare plans, reports, diagrams, tables, briefings, etc.
Be able to present, demonstrate, explain and document operational impact of a particular vulnerability or the combination of many vulnerabilities and flaws
Develop proof-of-concept examples and scenarios for reports and live demonstrations
Create/document tactic, techniques and procedures (TTP) to train and expand/share knowledge with customers and team members
TYPICAL EDUCATION AND EXPERIENCE: Bachelors degree and 0 years related experience.