Vulnerability Analyst

KeenLogic is seeking to hire a Senior Vulnerability Analyst to join our team at the Drug Enforcement Administration. As a Vulnerability Analyst, you will play a crucial role in maintaining security measures to protect an organization's infrastructure and data. This role requires a deep understanding of security technologies, security best practices, and a proactive approach to identifying and mitigating security risks.

This is a full-time position offering Fortune 500-level benefits, PTO, 401k, and Life Insurance. This is a remote position, on-site as needed, based out of the Sterling, VA area.

Qualifications:

• Master s degree in Engineering, Computer Science, Information Security, or Information Systems
• 8+ Years of Related Experience
• Secret Clearance/Interim Secret

Key Responsibilities:

• Perform in-depth analysis of vulnerabilities by correlating data from various sources.
• Proactively research and monitor security-related information sources for vulnerability discovery.
• Assess impact of vulnerabilities on critical systems or data and advise on remediation.
• Maintain patch and vulnerability management practices to protect against exploitation.
• Manage tracking and remediation of vulnerabilities, obtaining action plans from stakeholders and using ticketing systems.
• Research current vulnerabilities and exploits using trusted resources.
• Document remediation tasks for application and system owners.
• Report findings and remediation recommendations to stakeholders (e.g., executive reports, trends reports).
• Assist system engineering team in configuring and deploying vulnerability scanning and network assessment tools.
• Support Incident Detection and Response team in daily operations.
• Conduct scans to identify vulnerabilities and ensure security standards compliance.
• Coordinate with external researchers and organizations during the disclosure process for responsible reporting and resolution.
• Collaborate with teams to implement and utilize automated tools for vulnerability management.
• Coordinate with teams to perform regular patching and scanning.

Experience needed:

• Extensive experience in vulnerability management, patch management, and configuration management best practices.
• Knowledge of researching vulnerabilities, exploitation techniques, and industry trends/threats.
• Familiarity with Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS).
• Experience with vulnerability and compliance scanning tools.
• Ability to interpret security advisories and understand vulnerability exploitation and impact.
• Project management experience.
• Experience with patching procedures for Linux, Windows, etc.
• Ability to self-direct project outcomes and achieve program goals with minimal supervision.

Powered by JazzHR

pQfe3cRu7s