The Kenjya-Trusant Group is seeking a Vulnerability Assessment & Analysis Specialist to support a Government contract in the Annapolis Junction, MD area.

THIS POSITION IS CONTINGENT UPON CONTRACT AWARD

SECURITY REQUIREMENT: TS/SCI w/Full Scope Poly

Job Description:

• Performs ongoing, comprehensive vulnerability assessments of network cybersecurity risks to enable risk management and mitigation activities.
• Monitors the adequacy of cybersecurity measures for information systems and reports vulnerability findings to CSSP Watch leadership.
• Utilizes vulnerability data sources such as network discovery, network and host vulnerability scanning, penetration testing, operational exercise data, and compliance inspection reports.
• Assesses asset conformity to specified security requirements. Identifies security vulnerabilities and exposures.

​REQUIRED CAPABILITIES:

• Knowledge of Common Vulnerabilities and Exposures (CVEs), cyber threats, and vulnerability mitigation strategies.
• Conduct research and analysis to stay up to date with current vulnerabilities, provide detailed risk analysis and potential impact.
• Utilize multiple data sources to determine a vulnerability’s security impact on the enterprise.
• Analyze, assess, compile, and prioritize vulnerabilities to document and communicate mitigation recommendations.
• Communicate written and verbal information in a timely, clear, and concise manner.
• Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 
• Understand network security architecture concepts such as topology and protocols.
• Understand what constitutes network risk, cyberattacks, and the relationship between threats and vulnerabilities.
• Analyze vulnerability scans.
• Recognize security implications of vulnerabilities and assess within the context of the risk management process.
• Utilize analysis tools, such as Verodin, Nessus, or RedSeal, to identify vulnerabilities.
• Write comprehensive risk assessments on vulnerability impacts.
• Utilize automated and manual testing methods to validate the vulnerability testing methods; discover inadequate security practices.
• Identify secondary effects of vulnerabilities and exposures, as well as the impact of the mitigations applied to them.
• Perform after-action reviews of team products to ensure completion of analysis.
• Lead and mentor team members as a technical expert.

QUALIFICATIONS:

• Four (4) years of demonstrated experience as a VAA in programs and contracts of similar scope, type, and complexity is required.
• One (1) year of demonstrated experience in technical reporting.
• One (1) year of demonstrated experience in network and threat analysis.
• A technical bachelor’s degree from an accredited college or university may be substituted for two (2) years of VAA experience on projects of similar scope, type, and complexity.
• Requires DoD 8570 compliance Information Assurance Technical (IAT) Level I or Level II certification, and Computing Environment (CE) certification. The CE certification requirements can be fulfilled with either Microsoft OS, Cent OS/Red Hat OS CE certifications.
• Requires successful completion of the Splunk software training course "Fundamentals 1"

THE KENJYA-TRUSANT GROUP, LLC is a Service-Disabled Veteran-Owned Small Business that was established in 2015 as a merger between The Kenjya Group, Inc. and Trusant Technologies, LLC. Our mission is to implement, support and protect the nation’s advanced technology systems, business processes and high-technology facilities. Working with the Department of Defense, Department of Homeland Security, the Intelligence Community, state and local governments, and commercial clients, Kenjya-Trusant provides cyber protection, information technology, engineering, construction management and acquisition support services. We are a small company with big company benefits, including Health, Dental, Vision, 401K, Bonus Potential, Flexible Spending Account, Life Insurance, Short- and Long-Term Disability, Paid Time Off, and a culture of teamwork and continuous learning. Come grow with us!