The Computer Systems Security Analyst will serve as a Vulnerability Management Support Analyst as part of the Vulnerability Management Support Analyst Group. The Vulnerability Management Support Analyst Group (VMSAG) is a dedicated remediation-focused group for “HIGHLY” vulnerable systems. The group identifies, remediates, and tracks systems with high quantities of unresolved Information Assurance Vulnerabilities (IAV). The candidate will be part of an IA engineering group that identifies systems with a high density of unresolved IAVs, tracks and brings into compliance High Interest IAVs for the United States Army Corps of Engineers, and addresses security issues caused by problematic software. The candidate will work on a list of known system and security tool configuration issues that may be contributing to the target system’s non-compliance. The candidate will be responsible for remotely connecting to high vulnerability density workstations, through remote access capabilities, to remediate vulnerability findings and resolve any contributing system-related issues. The candidate will also work with operations staff to isolate the root causes and sources of non-compliance and assist them in implementing remedial action.
- Ensure that “highly” vulnerable systems are 0-3% of total population
- Participate in Remedy Support Group
- Interface with end users, IA Teams, and Operation Support Teams
- Utilize SCCM Client Health tool and Windows Management Interface (WMI) focused command line scripts
- Identify SCCM Clients not reporting in 21 days
- Counter SCCM Client Health issues
- Analyze vulnerability assessment data to identify technical risks to the organization
- Conduct analysis and aggregation of vulnerability data from various sources
- Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function
- Bachelor's degree in an IT Security related field, or Associate's degree with two years of equivalent experience.
- Familiarity with ACAS reporting and Nessus scan data
- Basic understanding of network protocols
- Good analytical skill set (Root Cause Analysis, analyzing scan data)
- Knowledge of Incident Response procedures, forensics
- Knowledge of how to create or apply GPOs (either local or domain)
- Knowledge of different Microsoft patching processes and how they work
- Operating System knowledge and/or certifications
- Industry recognized certification in security (Sec+, CISSP, etc.)
- Technical security certifications preferred, such as GPEN, CISM, and/or CISSP
- Experience in enterprise programming languages and common scripting languages is a plus.
- Experience supporting/working with the U.S. Army Corps of Engineers
- Experience with DISA STIGs
- Experience with USCybercom IAVM program
- Experience running and managing vulnerability assessment tools
- Excellent verbal and writing skills and the ability to write clear and concise assessment reports.
- Ability to execute in a high-pressure environment with tight timeframes
Candidate must be a US Citizen and possess (as well as maintain) a Final Secret Clearance.