717 - Vulnerability Assessment Team (VAT) Lead, Secret Clearance Minimum
Zeneth Technology Partners
Zeneth is looking for a Vulnerability Assessment Team (VAT) Lead that enjoys working in a highly collaborative, fast-paced environment to join our growing Federal Cybersecurity Practice. This is a vital role to help ensure the security of our nation’s infrastructure. If you have a passion and a desire to lead a team to help protect critical assets from cyber attacks, this role is perfect for you. In this role, you will lead a vulnerability assessment team that performs assessments using industry leading tools such as Tenable Nessus. You will act as the primary interface and lead for your team while also being an active participant in the assessment process while managing the delivery of staff assignments, as needed. This position will require occasional travel to other locations throughout the US and is located in Alexandria, VA.
Ideal candidates should possess the following skills and execute tasks as described below:
· 7+ years of experience conducting vulnerability assessments
· 7+ years of experience as a manager and leader
· Knowledge of one or more of the following cyber security systems:
o DoD Host Based Security System (HBSS)
o Assured Compliance Assessment Solution (ACAS)
o Continuous Monitoring and Risk Scoring (CMRS)
o Joint Incident Management System (JIMS)
o Enterprise Mission Assurance Support Service (eMASS)
o DHS Information Assurance Compliance System (IACS)
· Protect the customer’s portion of the DoDIN from cyber threats, both foreign and domestic, through the use of cybersecurity systems, in combination with Techniques, Tactics, and Procedures (TTP) and information sharing with DOD, DHS, and other federal agencies.
· Support the Independent Verification & Validation (IV&V) scanning program for enterprise C4IT systems by maintaining the customer’s Network scanning program requirements. IV&V scanning requirements include but not limited to monthly vulnerability scans on IT systems connected to classified and unclassified enterprise networks.
· Support the development of Security Assessment and Vulnerability Reports for scans completed.
· Support performing security assessments for all IT systems, to include hardware, software, websites and other IT technologies, as requested.
· Support the development of Security Assessment and Vulnerability Reports for all security assessments
· Perform both pre-CCRI and post-CCRI security assessments and reporting requirements on units scheduled for DISA CCRI.
· Assist in the coordination and implementation of IA policies, procedures, and training programs. Identify and report gaps in the existing IA policy and procedures and provide recommendations.
· Evaluate emerging Security Information Appliance technologies for potential implementation.
· Support operations on a variety of Information Assurance tools including but not limited to standalone versions of Tenable Nessus (a.k.a. ACAS), and Hewlett Packard (HP) Web- Inspect applications.
· Provide recommendations on configuration changes, updates and vulnerability analysis for the ACAS tool when needed.
· Support the requirements and capabilities of web site security review for web filtering and trusted sites, and web site certificates.
· Ability to clearly convey results in formal technical reports and deliver briefings to senior client staff
· Identify and/or determine whether a security incident is indicative of a violation of law that requires specific legal action.
· Direct and/or implement operational structures and processes to ensure an effective enclave IA security program including boundary defense, incident detection and response, and key management.
· Examine enclave vulnerabilities and determine actions to mitigate them.
· Analyze IA security incidents and patterns to determine remedial actions to correct vulnerabilities.
· Provide support for IA customer service performance requirements.
· Provide support for the development of IA related customer support policies, procedures, and standards.
· Provide OJT for IAT Level I and II DoD personnel.
· Analyze IAVAs and Information Assurance Vulnerability Bulletins for enclave impact and take or recommend appropriate action.
· Demonstrates exceptional troubleshooting methodology and solving problem skills
· Prior military experience in an active duty, reserve or support contractor role is highly preferred
· Bachelor of Science degree in Computer Science, Management Information Systems, or a field related to technology or equivalent. Additional experience can be substituted for a degree.
· Active security certifications at both the DoD 8570 IAT Level III (e.g., CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH and CSSP-AU (e.g., CEH, CySA+, CISA, GSNA, CFR) levels.
· Excellent verbal and written communication skills with the ability to communicate clearly and effectively based on the audience
· Candidates should already have an active Secret security clearance at a minimum with the ability to upgrade to TS/SCI if required
· Works well in a team environment
Zeneth is an Equal Opportunity Employer (EOE), qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, disability, or veteran status.