Job Description

Staffing Pros, a division of VETS Inc., is recruiting for a full-time Scanning Engineer- Tenable onsite in Beltsville, MD. This position requires an Active Secret Clearance.

This position is located in Beltsville, MD and will be onsite 5 days a week. No hybrid/telework allowed.

Responsibilities:

Vulnerability Scanning:

• Perform regular vulnerability scans across the Department's systems and networks, identifying deviations from acceptable configurations and standards.
• Evaluate and prioritize identified vulnerabilities based on potential impact and risk, and recommend remediation strategies and solutions.
• Collaborate with system owners and administrators to address identified vulnerabilities and ensure timely remediation.

Compliance Scanning:

• Execute enterprise-wide operating system and application compliance verification, assessing adherence to established security policies and best practices.
• Develop security baseline configuration compliance and vulnerability scan policies for Department hosted operating system platforms (e.g., Windows, UNIX, Linux, Cisco, Juniper, etc.).
• Prepare audit reports identifying technical and procedural findings, providing recommended remediation strategies and solutions.
• Perform security authorization audits using NIST Risk Management Framework (RMF), NIST Cybersecurity Framework, and FISMA reporting criteria for security control testing procedures, and create the associated Security Assessment Reports.

Web Application Scanning:

• Conduct web application vulnerability scanning to identify potential security risks and weaknesses in applications and services.
• Collaborate with web developers and application owners to address identified vulnerabilities and ensure the implementation of secure coding practices.
• Monitor emerging web application vulnerabilities and threats, and recommend appropriate mitigation strategies.

Database Scanning:

• Perform database vulnerability scanning to identify potential security risks and weaknesses in database management systems and configurations.
• Collaborate with database administrators to address identified vulnerabilities and ensure the implementation of secure database practices.
• Monitor emerging database vulnerabilities and threats, and recommend appropriate mitigation strategies.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field, and a minimum of 9 years of experience in enterprise scanning, vulnerability management, or cybersecurity.
  • An additional 4 years of experience may be substituted in lieu of degree.
• Must have experience using Tenable software suite to perform vulnerability scanning, discovery scans, and baseline compliance scoring (experience in running and administering Tenable.SC and/or Tenable.IO to be able to take on architecture and tool development tasks).
  
• Currently hold one of the professional certifications listed below:
  • CASP+ CE, CCNA Cyber Ops, CCNA-Security, CCNP Security, CEH, CFR, CISA, CISSP (or Associate), Cloud+, CySA+, GCED, GCIA, GCIH, GICSP, SCYBER, VCA DCV, PPDA, Agile IC, SNOW App Dev.
• In-depth knowledge of vulnerability, compliance, web application, and database scanning methodologies and best practices.
• Familiarity with various operating systems (Windows, UNIX, Linux, Cisco, Juniper, etc.).
• Demonstrated analytical and problem-solving skills, with the ability to identify and resolve complex security issues.
• Demonstrated excellent communication and interpersonal skills, with the ability to work collaboratively with cross functional teams.
• Active Secret security clearance.
  • Additional ability to obtain a final Top Secret clearance.

EEO Statement

Staffing Pros a division of VETS-inc is an Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.

Job Tags

Full time, For contractors, Remote work,

Similar Jobs