MindPoint Group is seeking a Vulnerability Management Analyst to assist our Federal client in the development and maintenance of the full lifecycle of Vulnerability Management services from discovery, triage, advising, remediation, and validation. The role can be remote. The candidate will:
- Support the development and maintenance of Vulnerability Management services, including vulnerability scanning, vulnerability assessments, and providing advisory and tracking support for vulnerability remediation.
- Operate and configure agency tools used for vulnerability testing and identification
- Review agency Vulnerability Management plans/policies and update documents as needed
- Coordinate with customers regarding scanning schedule and scope
Review, analyze, validate, and report on vulnerability scan results
- Develop and disseminate operational and executive-level reports on vulnerability status to stakeholders involved in remediating vulnerabilities
- Work with stakeholders as necessary to develop vulnerability remediation strategies and track status
- Identify areas for improvement and/or efficiencies including processes, tools, and templates; Identify relevant metrics
- Develop processes and document procedures in a Standard Operating Procedures (SOP) format for use by other team members and to enhance efficiencies
- Coordinate with other teams, including ISSOs and penetration testers to share information as needed
- Opportunity to perform security testing activities, such as penetration testing and application/vulnerability assessment
Qualifications
**Secret clearance required**
What skills do you need?
- Bachelor’s Degree, or an equivalent combination of formal education, experience
- Minimum of three (3) years of professional experience in information security or information technology role and two (2) years of experience in Vulnerability Management
- Experience conducting vulnerability scans, including configuration and use of tools such as Tenable Security Center and/or Qualys
- Experience executing security testing activities such as penetration testing and application/vulnerability assessments
- Knowledge of cybersecurity frameworks, controls and standards, and best practices (e.g., FISMA, ISO 27K, CMMC, NIST)
- Knowledge of cloud and network security
- Proven track record of identifying and recommending improvement initiatives
- Excellent people skills and the ability to work both independently and in a team environment
- Excellent communication skills, both written and verbal
- Excellent organizational skills with the ability to multi-task and meet deadlines.
Job Type: Full-time
Pay: $100,000.00 - $125,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Flexible schedule
- Health insurance
- Tuition reimbursement
- Vision insurance
Experience level:
- 3 years
Schedule:
- 8 hour shift
- Monday to Friday
Education:
- Bachelor's (Preferred)
Experience:
- Vulnerability management: 2 years (Required)
Security clearance:
- Secret (Required)
Work Location: Hybrid remote in Washington, DC 20220