logo

View all jobs

Vulnerability Assessment & Analysis Specialist (TS/SCI w/Full Scope Poly)

Annapolis Junction/Fort Meade, Maryland · Information Technology
The Kenjya-Trusant Group is seeking a Vulnerability Assessment & Analysis Specialist to support a Government contract in the Annapolis Junction, MD area.

THIS POSITION IS CONTINGENT UPON CONTRACT AWARD

SECURITY REQUIREMENT: TS/SCI w/Full Scope Poly

Job Description:
  • Performs ongoing, comprehensive vulnerability assessments of network cybersecurity risks to enable risk management and mitigation activities.
  • Monitors the adequacy of cybersecurity measures for information systems and reports vulnerability findings to CSSP Watch leadership.
  • Utilizes vulnerability data sources such as network discovery, network and host vulnerability scanning, penetration testing, operational exercise data, and compliance inspection reports.
  • Assesses asset conformity to specified security requirements. Identifies security vulnerabilities and exposures.
REQUIRED CAPABILITIES:
  • Knowledge of Common Vulnerabilities and Exposures (CVEs), cyber threats, and vulnerability mitigation strategies.
  • Conduct research and analysis to stay up to date with current vulnerabilities, provide detailed risk analysis and potential impact.
  • Utilize multiple data sources to determine a vulnerability’s security impact on the enterprise.
  • Analyze, assess, compile, and prioritize vulnerabilities to document and communicate mitigation recommendations.
  • Communicate written and verbal information in a timely, clear, and concise manner.
  • Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 
  • Understand network security architecture concepts such as topology and protocols.
  • Understand what constitutes network risk, cyberattacks, and the relationship between threats and vulnerabilities.
  • Analyze vulnerability scans.
  • Recognize security implications of vulnerabilities and assess within the context of the risk management process.
  • Utilize analysis tools, such as Verodin, Nessus, or RedSeal, to identify vulnerabilities.
  • Write comprehensive risk assessments on vulnerability impacts.
  • Utilize automated and manual testing methods to validate the vulnerability testing methods; discover inadequate security practices.
  • Identify secondary effects of vulnerabilities and exposures, as well as the impact of the mitigations applied to them.
  • Perform after-action reviews of team products to ensure completion of analysis.
  • Lead and mentor team members as a technical expert.

QUALIFICATIONS:
  • Four (4) years of demonstrated experience as a VAA in programs and contracts of similar scope, type, and complexity is required.
  • One (1) year of demonstrated experience in technical reporting.
  • One (1) year of demonstrated experience in network and threat analysis.
  • A technical bachelor’s degree from an accredited college or university may be substituted for two (2) years of VAA experience on projects of similar scope, type, and complexity.
  • Requires DoD 8570 compliance Information Assurance Technical (IAT) Level I or Level II certification, and Computing Environment (CE) certification. The CE certification requirements can be fulfilled with either Microsoft OS, Cent OS/Red Hat OS CE certifications.
  • Requires successful completion of the Splunk software training course "Fundamentals 1"


 
 
THE KENJYA-TRUSANT GROUP, LLC is a Service-Disabled Veteran-Owned Small Business that was established in 2015 as a merger between The Kenjya Group, Inc. and Trusant Technologies, LLC. Our mission is to implement, support and protect the nation’s advanced technology systems, business processes and high-technology facilities. Working with the Department of Defense, Department of Homeland Security, the Intelligence Community, state and local governments, and commercial clients, Kenjya-Trusant provides cyber protection, information technology, engineering, construction management and acquisition support services. We are a small company with big company benefits, including Health, Dental, Vision, 401K, Bonus Potential, Flexible Spending Account, Life Insurance, Short- and Long-Term Disability, Paid Time Off, and a culture of teamwork and continuous learning. Come grow with us!
 


  
 

More Openings

Systems Administrator III (TS/SCI w/Poly)
Proposal Manager

Share This Job

Powered by