Vulnerability Management Analyst Position Available In Cobb, Georgia
Tallo's Job Summary: The Vulnerability Management Analyst position at Ryan Consulting Group Inc in Smyrna, GA offers a full-time contract with an estimated salary range of $91.2K - $112K a year. Qualified candidates should have certifications like CISSP Auditor, CCNA, CompTIA CySA+, and 5 years of experience in information security. The role involves managing cybersecurity risks, identifying weaknesses, and ensuring remediation in alignment with agency needs and directives.
Job Description
Vulnerability Management Analyst Ryan Consulting Group Inc – 4.5 Smyrna, GA Job Details Full-time |
Contract Estimated:
$91.2K – $112K a year 6 hours ago Qualifications Certified Information Systems Auditor CSSP Auditor GICSP 5 years CCNA CompTIA CySA+ Secret Clearance Information security
GSNA CEH NIST
standards Vulnerability management CCNA Security IAT Cybersecurity Senior level CompTIA Security+ IAT Level
II CND SSCP
Attack Frameworks Full Job Description Description:
Shift:
Standard; Monday-Friday;
On-site Pay:
Commensurate with experience This role will provide support to increase the Cybersecurity Center’s ability to manage the cybersecurity risk to systems, assets, data, and agency capabilities through active identification of system/application weaknesses that require remediation and/or mitigation, enabling DoD to focus and prioritize its risk and vulnerability management efforts in alignment with the needs of the Agency. Work shall be performed in accordance with Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510.01, NIST SP 800-40, DoDI 8530.01, CJCSM 6510.02, TASKORD 20-020, FRAGO 21 to
OPORD 05-01CJCSI 6510.01F, CJCSM 6510.02, TASKORDER 13-0670
; and any future released directives/mandates.
Responsibilities Include:
Ensure routine action is taken to identify and correct vulnerabilities according to the following phases. Vulnerabilities include Information Assurance Vulnerability Management (IAVM) as well as vulnerabilities not addressed through IAVM directives but affect DoD owned and managed information systems (ISs) and devices: 1. Identify 2. Analysis 3. Report 4. Remediation/Mitigation 5. Verification 6. Post Analysis / Process Improvement Provide metrics tracking the following with regards to performance and mission success: mean time to patch; POA&M and Risk Acceptance staffing; and non-compliance trending. Support the risk assessment process, Information Security Continuous Monitoring (ISCM) program and Agency overall risk management strategy by providing vulnerability scan information to the Risk Management Group, or relevant entity, in support of assessing and authorizing the environments; Conduct testing of IS software patches, updates, upgrades, and hardware device configurations. Provide information system baseline scan reports. Provide enterprise, discovery, and compliance Vulnerability Scan report. Conduct vulnerability scans requests (i.e. SR, IR) and provide analysis results. Create and maintain consistent, repeatable, quality driven, measurable, and comprehensive Vulnerability Management procedures. Establish common standards for directive reporting and compliance as it relates to vulnerability management. Host vulnerability remediation/mitigation meetings to review remediation actions with stakeholders; providing SME level guidance on scanning signatures and detection capabilities; Validate and monitor corrective actions/remediation of vulnerabilities on information systems. Participate in Cyber Situational Awareness Brief (SAB) and provide: health status of required scans and scanning tools across all environments to include scanning completed by other entities such as DISA; and latest vulnerability status. Collaborate with DoD and/or Non-DoD organizations to actively share vulnerability information in order to shape cyber mission space for vulnerability mitigation.
Requirements:
Active Secret Security Clearance. At least 5 years of related experience. Experience working in a SOC environment. Experience conducting vulnerability scans. Experience working in a DoD environment. Knowledge of cyber kill chain. Ability to maintain DoD 8140 / 8570 IAT II certification and CSSP Analyst certifications
Certification Requirements:
DoD IAT II required certification/s (one of the following): CCNA-Security CySA+ (CSA+)
GICSP GSEC
Security+ CE
CND SSCP
DoD CSSP Auditor required certification/s (one of the following): CEH CySA+ •
CISA GSNA CFR
PenTest Pay Transparency Statement Ryan Consulting Group, Inc. complies with all relevant pay transparency laws in each state and jurisdiction where we operate. This includes providing salary ranges and pay data in compliance with state or local regulations where applicable. We also ensure that applicants and employees in relevant states are informed of their right to inquire about pay information as required by state or local laws. Employees and applicants in states where pay transparency laws are in effect can expect to be provided with salary information upon request during the hiring process. Equal Employment Opportunity (EEO) Statement Ryan Consulting Group, Inc. is an equal opportunity employer. We are dedicated to ensuring equal employment opportunities in all aspects of employment, including recruitment, hiring, promotion, training, compensation, benefits, and termination. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected by applicable law. Ryan Consulting Group, Inc. is also committed to complying with the Americans with Disabilities Act (ADA) and providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or accommodation due to a disability in the application process, please contact . Drug-Free Workplace Statement Ryan Consulting Group, Inc. is committed to maintaining a drug-free workplace, in compliance with the Drug-Free Workplace Act of 1988, which is a requirement for all federal contractors. We recognize the impact that drug and alcohol abuse can have on the safety, health, and productivity of our workforce, and we are dedicated to providing a work environment that is free from illegal drugs and alcohol. All employment offers are conditional upon successfully passing a drug screening.