Vulnerability Assessment & Analysis Specialist Level 2
Security | Ft. Meade, MD | Full Time
About Us: Innovating to solve real-world problems
At Applied Insight, we leave no stone unturned in solving our customers’ technology challenges. Supporting the Federal Government with the strongest mission focus, our solutions empower people to collaborate more effectively in delivering services vital to the nation.
On joining the Applied Insight team, you’ll be working to solve real-world problems on missions that matter with people who share your passions and encourage your ambition. It’s vital to us that we hire committed people who are great at what they do. We return that commitment by empowering them with the autonomy, the support and the tools they need to fulfill their true potential.
A day in the life (just a few of the things you may do on any given day):
As the Vulnerability Assessment & Analysis Specialist, you will perform ongoing, comprehensive vulnerability assessments of network cybersecurity risks to enable risk management and mitigation activities. Monitors the adequacy of cybersecurity measures for information systems and reports vulnerability findings to CSSP Watch leadership. Utilizes vulnerability data sources such as network discovery, network and host vulnerability scanning, penetration testing, operational exercise data, and compliance inspection reports. Assesses asset conformity to specified security requirements. Identifies security vulnerabilities and exposures..
The Level 2 Vulnerability Assessment & Analysis Specialist shall possess the following capabilities:
- Knowledge of Common Vulnerabilities and Exposures (CVEs), cyber threats, and vulnerability mitigation strategies.
- Conduct research and analysis to stay up to date with current vulnerabilities, provide detailed risk analysis and potential impact.
- Utilize multiple data sources to determine a vulnerability’s security impact on the enterprise.
- Analyze, assess, compile, and prioritize vulnerabilities to document and communicate mitigation recommendations.
- Communicate written and verbal information in a timely, clear, and concise manner.
- Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Understand network security architecture concepts such as topology and protocols.
- Understand what constitutes network risk, cyberattacks, and the relationship between threats and vulnerabilities.
- Analyze vulnerability scans.
- Recognize security implications of vulnerabilities and assess within the context of the risk management process.
- Utilize analysis tools, such as Verodin, Nessus, or RedSeal, to identify vulnerabilities.
- Write comprehensive risk assessments on vulnerability impacts.
- Utilize automated and manual testing methods to validate the vulnerability testing methods; discover inadequate security practices.
- Identify secondary effects of vulnerabilities and exposures, as well as the impact of the mitigations applied to them.
- Perform after-action reviews of team products to ensure completion of analysis.
- Lead and mentor team members as a technical expert.
What we are expecting from you (i.e. the qualifications you must have):
- Active TS/SCI w/ Polygraph Clearance
- Four (4) years of demonstrated experience as a VAA in programs and contracts of similar scope, type, and complexity is required.
- One (1) year of demonstrated experience in technical reporting.
- One (1) year of demonstrated experience in network and threat analysis.
- A technical bachelor’s degree from an accredited college or university may be substituted for two (2) years of VAA experience on projects of similar scope, type, and complexity.
What we will provide in return: Excellent compensation and amazing benefits
- Multiple health insurance options from CareFirst BCBS which include a PPO plan with ZERO deductibles and an HSA plan.
- 401k Immediate Vesting. Company matches 100% of the first 3% contributed and 50% of the next 2% contributed.
- Fully paid long-term disability, short-term disability, and life insurance.
- Flexible Spending Account options.
- Generous paid time off that includes one bucket of leave to use how the employee sees fit; no separate holiday, sick, or vacation.
- Flexible work schedules with the ability to bank extra hours for additional time off.
- Semi-Annual bonuses for hours worked "over standard".
- Government shutdown protection where employees don't have to use leave for up to 3 days out of the year for inclement weather or budget issues.
- Employee centric culture and a belief that we should empower those who are good at what they do and then give them the tools they need to achieve success and grow their career.
- A commitment to learning and growth and easy ways to achieve both including a training budget, education assistance, mentorship programs and collaborative learning sessions.
- A collaborative environment that fosters communication and an open door policy.
www.applied-insight.com. EEO/AA including Vets and Disabled.