Vulnerability Management & Assessment Analyst

About the position Your Impact Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense's mission to keep our country safe and secure. Mission USSTRATCOM is a Combatant Command responsible for strategic deterrence, nuclear operations, and enterprise IT services essential to national security. It oversees Nuclear Command, Control, and Communications (NC3), Joint Electromagnetic Spectrum Operations (JEMSO), Global Strike, and Missile Threat Assessments, working closely with other Combatant Commands, Services, and defense agencies. SCITLS will be a key component that will ensure mission success and the safety. Job Description VMOD Analyst: Responsible for vulnerability assessment, analysis, and vulnerability management by performing network discovery, network, and host vulnerability scanning, analyzing trends, and creating and compiling vulnerability scanning activities across multiple DoD Networks and DoD ILs. Tracks vulnerability management status, failed credentials, and hosts with un-patched vulnerabilities for remediation by the contractor. Provides subject matter expertise for VMOD vulnerability assessment, trend analysis, and vulnerability management. Monitors and maintains situational awareness of the status of open vulnerabilities. Recommends, prioritizes, and supports remediation efforts in accordance with Government directions, regulations, policies, procedures, governance, and guidance. Conducts Nessus Network Monitor, Nessus Agent application O&S, and Nessus vulnerability management. Updates VMOD policies and works with USG personnel to support CSSP, providing analysis, updates, directives, and reporting for VMOD capabilities. Analyzes systems and networks to find deviations from acceptable configurations, policies, or local standards. Responsibilities • Perform network discovery and vulnerability scanning. • Analyze trends and compile vulnerability scanning activities across multiple DoD Networks. • Track vulnerability management status and failed credentials. • Provide subject matter expertise for VMOD vulnerability assessment and management. • Monitor and maintain situational awareness of open vulnerabilities. • Recommend and support remediation efforts. • Conduct Nessus Network Monitor and vulnerability management. • Update VMOD policies and support CSSP. • Analyze systems and networks for deviations from acceptable configurations. Requirements • 8+ years of related experience. • US Citizenship required. • BA/BS or equivalent. Nice-to-haves • GFACT or GISF or Cloud+ or GCED or PenTest+ or Security+ or GSEC certifications. • ITIL 4 Foundation. • GIAC Certified Vulnerability Assessor (GCVA). • CompTIA Cybersecurity Analyst (CySA+). • GIAC Certified Incident Handler (GCIH). • MITRE ATT&CK Defender (MAD). • GIAC Certified Threat Intelligence Analyst (GCTI). Benefits • 401K with company match. • Comprehensive health and wellness packages. • Internal mobility team dedicated to helping you own your career. • Professional growth opportunities including paid education and certifications. • Paid vacation and holidays. Apply tot his job