Information Security Privacy Analyst Senior
Looking for a rewarding and challenging career with a dynamic, growing organization? Phacil is your answer. We have an immediate need for a CND (Network Defense) Analyst to support an important government customer in Lorton, VA
Clearance Level (Required to Start): TS
Daily Job Responsibilities:
- Working as a VAT (Vulnerability Assessment Team) Analyst
- Provide expert-level systems administration
- Support enterprise scanning and assessment tools
- Provide information security support through vulnerability identification and testing, and perform assessment and mitigation of vulnerabilities, internally and externally.
- Work in an integrated team environment, manage and administer automated and manual vulnerability scan tools, and ensure that appropriate reports are delivered on-time, management and clients are well informed, and SLA's are met.
- Maintain appropriate relationships with subject matter experts inside and outside of organization to ensure they adhere to internal and industry best practices in the vulnerability assessment and management processes.
- Use and administer various scanning and assessment tools to identify system vulnerabilities and test security controls in enterprise and lab computing environments, including defense targets, such as virtual servers, Web servers, mail servers, databases, wireless equipment, mobile devices, endpoints, network devices, and applications.
- Provide recommended remediation steps and countermeasures to reduce risk exposure and strengthen defense in depth.
- Work with internal and client-team administrators and developers to help them comprehend and implement server hardening for Windows, UNIX, and secure system development principles.
- Lead remediation projects and assessments to successful resolution, present findings and discuss concepts with stakeholders and management, and provide assessment and vulnerability management, scan tools administration, and engineering.
- Understanding of Ports and Protocols,
- Good written and oral communication,
- Experience with operating and administrating Tenable Nessus or Tenable Security Center, administrating scanning environments and architecture, risk assessment methods and assessment reports,
- Knowledge of Windows, UNIX, and Linux servers at an advance level and knowledge of common exploitation methods.
- 4+ years of cyber security engineering & system administration experience with a proven track record of handling increasing responsibilities.
- Demonstrated hands-on security compliance/vulnerability assessment scanning expertise including: defining scan rules, downloading/updating plug-ins & add-ons, coordinating/scheduling scans with environment stakeholders, executing scans, reporting scan results, and working with other teams to remediate scan findings using program processes. (ACAS/Security Center/Nessus preferred but in-depth experience with similar products acceptable.)
Degree Required/Equivalent Experience w/o degree
- Bachelor’s Degree preferred/3 years experience w/o degree, 1 year experience with degree
Certification Requirements (e.g. CCNP, CCNP):
- Security+CE, CEH
Travel Requirement (e.g. 10%):
Any additional info regarding work environment (e.g. core hours, shift work, remote work, flex time, etc.):
- Mon-Fri, 9 am-6 pm
Phacil is an Equal Opportunity Employer. Minorities/Women/Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to sex, race, color, religion, national origin, age, protected veteran status, or disability status.
Current government customers include Department of Agriculture, Department of Commerce, Department of Homeland Security, Department of Justice, Department of State, Department of Treasury, Federal Bureau of Investigation, US Air Force, US Army, US Navy, DoD Office of Inspector General, to name a few.
Development, Integration, Operations & Maintenance, CyberSecurity, Geographical Information Systems, Technical Consulting, Business Operations, Information Technology