Vulnerability Manager Level 2
Security | Ft. Meade, MD | Full Time
About Us: Innovating to solve real-world problems
At Applied Insight, we leave no stone unturned in solving our customers’ technology challenges. Supporting the Federal Government with the strongest mission focus, our solutions empower people to collaborate more effectively in delivering services vital to the nation.
On joining the Applied Insight team, you’ll be working to solve real-world problems on missions that matter with people who share your passions and encourage your ambition. It’s vital to us that we hire committed people who are great at what they do. We return that commitment by empowering them with the autonomy, the support and the tools they need to fulfill their true potential.
A day in the life (just a few of the things you may do on any given day):
As the Vulnerability Manager, you will be required to identify, remediate, and mitigate vulnerabilities to prevent exploitation. The VM receives vulnerability input, direction, and guidance from multiple sources and takes directed action to effectively mitigate vulnerabilities in order to protect networks. Leverages an operational understanding of current vendor remediation’s to prioritize vulnerability escalation procedures and integrates continuous monitoring to ensure mitigations fall within prescribed timelines.
The Level 2 Vulnerability Manager shall possess the following capabilities:
- Knowledge of cyber threats and vulnerabilities.
- Determine overall Common Vulnerabilities and Exposures (CVE) priority when threat activity is identified; report incidents that may cause immediate and/or ongoing impact to the environment.
- Monitor and provide periodic system owners vulnerability mitigation completion updates.
- Knowledge of system and application security threats, vulnerabilities, and cyber attackers.
- Monitor external data sources to determine which security issues may have an impact on the enterprise.
- Identify, develop, and determine mitigation or remediation actions for system and network vulnerabilities.
- Communicate written and verbal information in a timely, clear, and concise manner.
- Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
- Knowledge of system administration, network, operating system hardening techniques, and the risk management process.
- Knowledge of specific operational impacts of cybersecurity lapses and organization's threat environment.
- Recommend impact/risk assessments to identify systemic security issues based on the analysis of vulnerability and configuration data.
- Document and escalate incidents (including event’s history, status, and potential impact for further action); recommend mitigations that will have immediate impact to the environment.
- Perform after-action reviews of team products to ensure completion of analysis.
- Lead and mentor team members as a technical expert.
- Active TS/SCI w/ Polygraph Clearance
- Four (4) years of demonstrated experience as a VM in programs and contracts of similar scope, type, and complexity is required.
- Two (2) years of experience of technical reporting.
- Two (2) years of experience in network and threat analysis.
- A technical bachelor’s degree from an accredited college or university may be substituted for two (2) years of VM experience on projects of similar scope, type, and complexity.
What we will provide in return: Excellent compensation and amazing benefits
- Multiple health insurance options from CareFirst BCBS which include a PPO plan with ZERO deductibles and an HSA plan.
- 401k Immediate Vesting. Company matches 100% of the first 3% contributed and 50% of the next 2% contributed.
- Fully paid long-term disability, short-term disability, and life insurance.
- Flexible Spending Account options.
- Generous paid time off that includes one bucket of leave to use how the employee sees fit; no separate holiday, sick, or vacation.
- Flexible work schedules with the ability to bank extra hours for additional time off.
- Semi-Annual bonuses for hours worked "over standard".
- Government shutdown protection where employees don't have to use leave for up to 3 days out of the year for inclement weather or budget issues.
- Employee centric culture and a belief that we should empower those who are good at what they do and then give them the tools they need to achieve success and grow their career.
- A commitment to learning and growth and easy ways to achieve both including a training budget, education assistance, mentorship programs and collaborative learning sessions.
- A collaborative environment that fosters communication and an open door policy.
www.applied-insight.com. EEO/AA including Vets and Disabled.