Please take this opportunity to join one of GDIT's fastest long-standing growing programs! US Battlefield Information Collection and Exploitation System eXtended (US BICES-X) is a cutting edge program supporting DoD intelligence information sharing on current and emerging global threats to mission and coalition partners and emerging nations. With an internationally dispersed team supporting each combatant command the US BICES-X team is in direct support of the war fighter and their missions. We are seeking a creative and driven professional with a passion for solving real world issues on a cross-functional, fast paced team.
As a Vulnerability Management Engineer supporting USBICES you will be responsible for testing, implementing, deploying, maintaining and reviewing the infrastructure hardware and software that are required to effectively manage the Vulnerability Management Program.
This position will be working with in our global environment providing system administration to the RHEL infrastructure and application support of the SecurityCenter application in accordance with the ACAS PMO baseline.
1. Performs all procedures necessary to ensure compliance with requirements for the scanning and identification of vulnerabilities in networks, servers, endpoints, and applications. Primary responsibilities will include configuration, maintenance, integration and reporting for vulnerability scanning operations.
2. Performs Vulnerability Management (VM) activities for a large Program; coordinates with government Program staff, USAF, and other government agencies to assist in the creation, dissemination, direction, and auditing of VM policies, standards, and operating procedures.
3. Configure and perform vulnerability scans to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components.
4. Configure and perform compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings for networks, operating systems, applications, and other information system components.
5. Communicate security and compliance issues to government leaders, Cybersecurity Operations and A&A staff in an effective and appropriate manner.
6. Provide status reports to stakeholders, senior GDIT and government personnel related to VM metrics/results, key risk indicators, trending and compliance.
7. Engage with stakeholders and management to facilitate vulnerability discovery and remediation.
8. Create and maintain SOPs/TTPs for the VM program.
9. Validate remediation actions and ensure compliance with information security policy, regulatory and contractual requirements.
10. Assist in the development, update and implementation of VM policies, procedures and standards based on NIST 800-53 standards, best practices and compliance requirements.
11. Perform system administration, and maintain configuration control, of VM hardware, systems and application software. Coordinate upgrades and other maintenance activities on VM tools.
12. Maintain proficiency in VM best practices.
13. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
14. Collaborate on and provide VM results and metrics for consistent reporting.
1. 5+ years of related experience required.
2. Must possess and maintain a TS/SCI clearance.
3. Must meet the baseline 8570 certification IAT II: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP CISSP (or Associate), GCED, or GCIH.
1.Prefer the baseline 8570 certification IAT III: CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, or GCIH.
2. Self-starter: critical thinking skills to identify gaps and provide courses of action to bridge those gaps.
3. System administration or engineering experience.
4. RedHat Enterprise Linux operation maintenance and engineering experience.
5. The ability to work and set priorities on multiple projects/tasks at once and operate in a dynamic, fast-paced team-oriented environment.
6. Communication skills in one on one, team, and senior management settings to convey information efficiently and effectively.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.