Summit Technologies Inc. is seeking a Cyber Vulnerability Analyst with a strong technical background to join our team in support of a US government agency. You will work with a team responsible for Patch and Vulnerability Management, contributing to the security and integrity of vital information systems. This position requires working 2 days per week on site in Washington, DC. Candidates must be eligible for a Public Trust clearance.
Duties and Responsibilities:
- Support IT Security management by conducting technical reviews, analysis, and reporting.
- Provide technical solutions in the areas of vulnerability management, issue analysis, and response development and execution.
- Work closely with various IT systems and teams to ensure compliance with security policies and procedures.
- Configure and fine-tune scanning policies to ensure comprehensive coverage of applications.
- Create and run reports to monitor the status of vulnerabilities and security issues.
- Work with available scripts and tools to automate security tasks and enhance the efficiency of vulnerability management processes.
- Utilize SharePoint and other collaborative platforms to store and share critical security information and findings with the team.
- Use ServiceNow or similar ticketing and incident tracking systems to manage and document requests.
- Perform quality checks on individual work to ensure accuracy and completeness.
- Create detailed work instructions and documentation for vulnerability management processes, facilitating knowledge sharing and team-wide understanding.
- Regularly update and maintain documentation related to security policies, procedures, and standards, keeping them aligned with best practices and regulatory requirements.
- Stay up to date on information technology trends and security standards.
- Prepare quality deliverables, requiring minimal or no edits before client presentation.
- At least 4 years configuring, running, and troubleshooting front end web application scan software.
- Experience supporting a technology infrastructure team, including areas like Networking, Windows, Azure, Unix/Linux, etc.
- History working with technical solutions for security policies and ensuring compliance with those policies and procedures.
- Familiarity with the National Institute of Standards and Technology (NIST) 800-53 and Cybersecurity Framework.
- Thrive in a fast-paced environment, demonstrating adaptability and problem-solving skills.
- Good customer service skills and the ability to document and follow processes.
- Ability to explain complex policies and protocols in simple terms.
- Strong analytical and problem-solving skills to assess potential risks and develop solutions.
- Experience with Qualys Web Application Scanning for vulnerability assessment and management.
- Experience with Tenable Security Center or Tenable.IO for vulnerability assessment and management.
- Experience using scanning software such as eEye Retina, ACAS, OpenVAS, Tenable SC/IO, Nessus, Nexpose, etc.
- An undergraduate degree in Cybersecurity or possess a minimum of 6 years of experience working in a technical environment with diverse IT systems.
- Any of the following - CISSP, CISM, or CompTIA Security+
- Azure Fundamentals
- All candidates must be eligible to obtain a Public Trust Clearance.
- Updated resume including MM/YYYY for each employer.
- Best times/dates to interview (plus phone # you can best be contacted at).
- Availability to start once given formal offers.