Vulnerability Analyst

About The Position

Requirements

• 10+ years of experience.
• Must meet DOW 8140 requirements and be eligible for IAT level II.
• Must possess and maintain a Top Secret/SCI Security Clearance.
• BA/BS or the equivalent combination of education, technical training, or work/military experience.
• A minimum of five (5) years' experience in building, maintaining, and supporting ACAS related technologies: Tenable.sc, Nessus Agent, and Nessus Network Monitor.
• Experience with data analytics, preferably using Excel, Access, SQL, Tableau, Power BI and Tenable.sc API.
• Must have completed ACAS Operator and Supervisor course within the last three years.
• Ability to work in a team-oriented, collaborative environment.
• Ability to work efficiently in a fast-paced environment and multi-task while still ensuring high quality of work
• Highly organized with strong ability to prioritize work and work autonomously
• Excellent verbal and written communication skills
• Great attention to detail and presentation
• Results driven, highly efficient, energetic, and highly motivated

Nice To Haves

• Knowledge of how traffic flows across the network (TCP/IP, OSI, ITIL).
• Knowledge of authentication methods and supporting protocols.
• Skilled in conducting vulnerability scans and recognizing vulnerabilities in systems.
• Developing and presenting briefings to senior leadership.

Responsibilities

• Conduct and Manage ACAS Vulnerability Scanning, including Tenable.sc, Nessus Agent and Nessus Network Monitor.
• Analyze policies, configurations, and evaluate compliance with regulations and directives.
• Maintain knowledge of applicable policies, regulations, and compliance documents specifically related to ACAS.
• Perform vulnerability assessments and security reviews to identify weaknesses and vulnerabilities within systems that affect the confidentiality, integrity and availability of data.
• Analyze vulnerability reports and suggest remediation / mitigation plans.
• Coordinate with cybersecurity administrators to improve security tools for monitoring and increasing coverage of existing tools.
• Collect, aggregate, synthesize, analyze and report on data from multiple sources and formats.
• Provide technical support to system owners to propose mitigation and remediation solutions to identified vulnerability and security issues.
• Leverage enterprise methodologies and patterns.
• Develop high level system design diagrams and system documentation.
• Evaluate, analytically and systematically, problems with workflows, organization and planning and develop appropriate corrective actions.
• Excellent written and verbal communication skills, with a strong attention to detail and superior ability for problem solving.

Benefits

• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
• We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.