| Vulnerability Management Analyst 100% remote NOh1B NO CPT at Remote, Remote, USA |
| Email: [email protected] |
| From: Ankit upadhyay, Pivotal Technologies [email protected] Reply to: [email protected] Hello, Tittle: Vulnerability Management Analyst Client: State of Maryland - Department of Information Technology Location: 100% remote but must live in a commutable distance to 100 Community Pl, Crownsville, MD 21032 Interview mode: Virtual looking for a Vulnerability Management Analyst with project lead experience and hands-on engineering experience. The Analyst will be responsible for the planning, implementation, maintenance, and support of the vulnerability management program for a State-Level Security Assessment Function. Duties and Responsibilities: Daily oversight of vulnerability management program Serve as liaison between Security Assessment and Security Operation Center (SOC) functions on matters pertaining to vulnerability scanning for security assessment efforts Plan, execute, monitor and control, and successfully close vulnerability management projects/tasks Configure and schedule patch and secure configurations audit scan jobs (vulnerability scans) Maintain configurations of patch and secure configurations scan jobs i.e., asset lists, scan plugins, STIGs audit files, CIS Benchmarks audit files, scan credentials Troubleshoot and resolve failed patch and secure configurations scan jobs i.e., missing credentials, asset list updates, firewall issues Analyze patch and secure configurations audit scan results and identify and document technical and procedural vulnerability findings Research resolution strategies/measures for identified vulnerability findings and provide remediation/mitigation recommendations Identify false positive findings and determine and advise on the criteria for validating the findings i.e., required artifacts Prepare vulnerability management reports on the status of patch and secure configuration audit scans and associated remediation efforts Communicate status vulnerability management efforts to include regular scheduled reports and as well as ad hoc reports Ensure the vulnerability management platform maintains updated versions of secure configurations scans audit files i.e., proprietary vendor audit files, STIGs audit files, CIS Benchmarks audit files Ensure that vulnerability management services are operating as expected i.e., completeness of the of each scope scan jobs, timely completion of scan jobs, up-to-date patch audit plugins Ensure proper functioning of integrations between the vulnerability management platform and other tools such as asset management and risk management platforms Ensure and data updates from vulnerability management platforms to asset management and risk management platform are running as scheduled Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing. Development and implementation operational and technical vulnerability management policies Defining, developing, implementing, and processes and procedures for to support and maintain vulnerability management program Minimum Qualifications: Twelve (12) years of experience with NIST Risk Management Framework (RMF) supporting technical assessment (vulnerability scans) of control implementations and continuous monitoring post-system Authority to Operate (ATO) Ten (10) years of hands-on experience in LAN Administration i.e., Hands-on administration of Windows OS and Linux OS, and hands-on basics administration of routers, switches, and firewalls. Five (5) years of hands-on experience with Tenable Security Center/ Nessus Scanners i.e., creating, maintaining, and running scan jobs and analyzing scan results Five (5) years of hands-on experience planning, executing, monitoring and controlling, and closing security assessment projects Ability to work outside of regular business hours, the role may require on-call support after regular business hours or weekends Experience with vulnerability management tools such as Tenable One, Security Center/Nessus Scanners, Tenable.io, Web Inspect, DB Protect etc. Experience with ServiceNow, Vulnerability Response and Governance, Risk, and Compliance (GRC) modules Experience with Window, Linux, Database, and Web Apps system administration Experience in project task technical analysis, planning, and estimation Experience with technology capabilities, market research, technical analysis/review, and recommendation. Other relevant industry certifications such as Security +, CAP, CEH etc. Educational Requirement: Associates or Bachelor s degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline. Thanks & Regards, ANKIT UPADHYAY Technical Recruiter Office: +1 (703) 570-8775 (Ext-217) Email- [email protected] Connect with me:-- linkedin.com/in/ankit-upadhyay-a689a1232 Keywords: database active directory procedural language Maryland Vulnerability Management Analyst 100% remote NOh1B NO CPT [email protected] |
| [email protected] View all |
| Sat Aug 03 00:55:00 UTC 2024 |