NetGO Inc. Senior Vulnerability Management Analyst Remote · Full time

Apply for Senior Vulnerability Management Analyst

NetGO, is a minority-owned Virginia-based business with strong qualifications in Building, Securing, and Managing IT infrastructure for Public and Commercial Sectors. NetGO holds a strong position and reputation providing support to various federal agencies to meet their small-business utilization requirements with high-caliber products and services offerings, for their critical business processes. Through our proven project management and cost engineering methodology services, we ensure that our clients get maximum return on their investment by managing systems to meet their current and future needs.

100% Fully Remote Position

Responsibilities:

• Monitoring vulnerability scans and the status of scanning appliances in enterprise datacenters 
• Participating in deployment meetings, reviewing network topologies to place scanners in proper areas of networks to gain visibility to assess security posture 
• Running scheduled and ad hoc security reports detailing enterprise security posture 
• Researching and troubleshooting networking issues and events to find root-cause analysis 
• Develops risk-based mitigation strategies for networks, operating systems, and applications 
• Conduct continuous monitoring and evaluate the effectiveness of the enterprise's cybersecurity safeguards
• Review security vulnerabilities across a variety of technologies and environments to resolve high risk vulnerabilities to business assets.
• Review and define requirements for information security solutions 
• Provide recommendations and guidance to the customer enabling program improvements and reducing risk across the enterprise. 

Qualifications:

• Strong analytical and verbal communication skills 
• Demonstrated ability to interact effectively with senior management and leadership 
• 7-10 years of successful network and cloud-based troubleshooting experience 
• Experience managing a large and complex network 
• Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to vulnerability management. 
• Expertise with tools such as Nessus, Burp Suite, Metasploit, Kali Linux, NMAP, Nikto, WPScan, SQLmap
• Ability to craft enterprise-specific implementation guidance for system owners who are attempting to satisfy NIST SP 800-53 controls. 
• Experience with an ISCM tool and leading ISCM tactics, tools, and procedures 
• Experience and specialized training in DoD’s ACAS and HBSS systems, including Information Security Continuous Monitoring (ISCM) and Insider Threat (InT); 
• Planning, execution, and assessment of threats 
• Ability to conduct research on new and emerging information technologies and develop vulnerability assessment capabilities 

Preferred Qualifications:

• DevSecOps experience
• Experience with governance, risk assessment, and compliance for FISMA, FedRAMP, and NIST SP 800 series including NIST SP 800-37 and NIST SP 800-53, system security plans, security and privacy controls, POA&M management, assessment and authorization (A&A), Authority To Operate (ATO) and continuous monitoring processes
• Experience compiling and tracking vulnerabilities and mitigation results to quantify program effectiveness
• Experience creating and maintaining vulnerability management policies, procedures, and training

Education/Certifications/Licenses:

• Bachelor's degree in Computer Science, Information Technology, Cyber Security or related field, or equivalent combination of education and experience and training
• 10+ years’ of Vulnerability Assessment experience
• One or more of the following certifications:
• CISSP
• Security+ 
• Network+ 
• CySA+ 
• CompTIA
• The GIAC Security Essentials Certification 
• Active Public Trust 6c clearance or higher or eligible for Public Trust 6c clearance
• Experience with governance, risk assessment and compliance for FISMA, FedRAMP, and NIST SP 800 series including NIST SP 800-37 and NIST SP 800-53, system