Job Details
Gray Tier Technologies is seeking a Sr. Scanner/Analyst to join our growing team in support of a Security Operations Center on a newly awarded contract. The ideal candidate will have experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
Responsibilities
Provide onsite and remote vulnerability scanning and assessment capabilities as a sustained, full-time program independent of incident detection, recovery, or reporting activities
Work with system owners, system developers, and/or system administrators, to holistically examine the security vulnerability findings and assessments of their systems, through a review of the security scans reports, as requested
Coordinate with the Government to use these findings to inform, expand, or focus vulnerability scanning and monitoring efforts
Create and maintain a method of tracking and reporting on trends identified in the vulnerability assessment process to improve the efficiency or reduce the cost of delivery of the service
Document, maintain, and update processes and procedures for performing and conducting vulnerability scanning, vulnerability analyses, and risk assessments of FAA/DOT systems and networks
Provide documentation, maintenance, and update of processes and procedures of Government-furnished vulnerability assessment tools and penetration testing tools
Ensure all staff are trained and knowledgeable of the vulnerability scanning and penetration testing tools and in the ability to assess vulnerability scan findings
Document vulnerability mitigation processes and procedures as a result of vulnerability findings and risk assessments for FAA/DOT systems and networks, as defined by FAA Policy and Procedures
Document processes and procedures for reporting newly discovered (zero-day) vulnerabilities
Ensure all vulnerability scanning tools and subsystems maintained by FAA SOC are deployed and maintained in accordance with FISMA and NIST assessment and authorization standards
Qualifications
The ideal candidate will have experience leading a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC)
Minimum ten (10) years IT experience
Experience with vulnerability assessment tools including Web Inspect, Nessus and/or Found Scan
Experience working in a SOC-type environment
May be exposed to dust/dirt, humidity, and noise