Job Details
Description
ActioNet has an immediate opportunity for a Vulnerability Assessment Analyst requiring Public Trust in The Washington DC metropolitan area. ActioNet is an IT service provider and solutions integrator headquartered in Vienna, VA, that works with the Federal Government and the Department of Defense. In this role, you will perform assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
As a member of the Cyber security team, you will provide advice and counsel to an IT service delivery organization providing and supporting IT infrastructure.
What is in it for you?
* Opportunity to join a dynamic team helping to advance climate research by securing data collection systems and infrastructure
* Opportunity to join ActioNet, named the best place to work each year for 9th year in a row
* Generous salary and competitive benefits
Duties and Responsibilities
* Analyze the organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.
* Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions.
* Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents related to cyber defense auditing.
* Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions.
* Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications).
Basic Qualifications:
* 4+ years of experience as a Vulnerability Assessment Analyst for the Federal government
* Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth).
* Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
* Knowledge of application vulnerabilities.
* Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
* Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
* Knowledge of penetration testing principles, tools, and techniques.
* Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
* Skill in the use of penetration testing tools and techniques.
* Skill in using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.).
* Skill in conducting application vulnerability assessments.
* Must actively hold at least one of the following certifications: CompTIA A+, CompTIA Network+, CompTIA Security+, GCIH, GSEC, GSE, GISP, GSLC, CAP, SSCP, CISSP, CISA
Preferred Qualifications:
* Higher level of the certifications listed above
* Training in one or more of the following areas: FedRAMP, ITILv3, McAfee, Microsoft Azure Cloud, Nessus, NIST RMF, Penetration Testing, Plan of Action and Milestones (PO&AMs), Privacy Impact Assessment (PIA), Privacy Threshold Analysis (PTA)
* Experience in marine or aviation industries
* Bachelor's Degree in IT or a related field from an accredited college or university
* Possess or be eligible to obtain and maintain a Secret Security Clearance
ActioNet is a CMMI-DEV Level 4, CMMI-SVC Level 4, ISO 20000, ISO 27001, ISO 9001, HDI-certified, woman-owned IT Solutions Provider with strong qualifications and expertise in Agile Software Engineering, Cloud Solutions, Cyber Security and IT Managed Services. With 24+ years of stellar past performance, ActioNet is the premier Trusted Innogrator!
Why ActioNet?
At ActioNet, our Passion for Quality is at the heart of everything we do:
* We are committed to making ActioNet a great place to work and continue to invest in our ActioNeters
* We are committed to our customers by driving and sustaining Service Delivery Excellence
* We are committed to giving back to our Community, helping others, and making the world a better place for the next generation
ActioNet is proud to be named a Top Workplace for the ninth year (2014 - 2022). We have 98% of Customer retention rate. We are passionate about the inspirational missions of our customers, and we entrust our employees and teams to deliver exceptional performance to enable the safety, security, health, and well-being of our nation.
What's in It For You?
As an ActioNeter, you get to be part of an exceptional team and a corporate culture that nurtures mutual success for our customers, employees, and communities. We give you the tools to be successful; all you need to do is bring your best ideas, your energy, and a desire to develop your skills, experience, and career. Are you ready to make a difference?
ActioNet is an equal-opportunity employer and values diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.