3+ years of experience in utilizing security relevant tools to include: NESSUS, ACAS, DISA STIGs, Audit Tools, Forescout, ESS, Performs assessments of system and network and identifies where the system/network deviate from acceptable configurations, DoD policy, or local policy/guidelines. Measures effectiveness of defensein depth architecture against known vulnerabilities using available tools within organization to find them. Analyze, prioritize, and mitigate vulnerabilities to lower or eliminate risk. Create reports to effectively communicate to government problems and proposed solutions. Actively manage (inventory, track, and request corrective action) all hardware devices on network that only authorized devices is given access and unauthorized and unmanaged devices are found and prevented from gaining access. Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution. Submit tickets to appropriate teams for corrective actions. Conduct/review/validate vulnerability scans. Perform vulnerability scans to include analysis of results, identification of false positives, exceptions, and subsequent POA&Ms and/or MFRs creation, monitoring and reporting to include POA&M status and contributions to Monthly and Quarterly reports. Scanning and operations support to include supporting the test/scanning environment, licensing, target asset refreshes, and credentials. Collects and reviews data gathered from a variety of tools (including intrusion detection system alerts, firewall, network traffic logs, and host system logs) to analyze events for possible attacks that occur within the environment. The environments can be computing, network, or enclave. Validates, investigates, and analyzes all response activities related to cyber incidents. These tasks include, but are not limited to: creating and maintaining incident tracking information; planning, coordinating, and directing recovery activities; and incident tracking information; and incidents analysis tasks, including examining all available information and supporting evidence of artifacts related to an incident or event. Performs assessments of systems and networks within the network environment or enclave and identify where those systems and/or networks deviate from acceptable configurations, enclave policy, or local policy.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
3+ years of experience in utilizing security relevant tools to include: NESSUS, ACAS, DISA STIGs, Audit Tools, Forescout, ESS, Performs assessments of system and network and identifies where the system/network deviate from acceptable configurations, DoD policy, or local policy/guidelines. Measures effectiveness of defensein depth architecture against known vulnerabilities using available tools within organization to find them. Analyze, prioritize, and mitigate vulnerabilities to lower or eliminate risk. Create reports to effectively communicate to government problems and proposed solutions. Actively manage (inventory, track, and request corrective action) all hardware devices on network that only authorized devices is given access and unauthorized and unmanaged devices are found and prevented from gaining access. Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution. Submit tickets to appropriate teams for corrective actions. Conduct/review/validate vulnerability scans. Perform vulnerability scans to include analysis of results, identification of false positives, exceptions, and subsequent POA&Ms and/or MFRs creation, monitoring and reporting to include POA&M status and contributions to Monthly and Quarterly reports. Scanning and operations support to include supporting the test/scanning environment, licensing, target asset refreshes, and credentials. Collects and reviews data gathered from a variety of tools (including intrusion detection system alerts, firewall, network traffic logs, and host system logs) to analyze events for possible attacks that occur within the environment. The environments can be computing, network, or enclave. Validates, investigates, and analyzes all response activities related to cyber incidents. These tasks include, but are not limited to: creating and maintaining incident tracking information; planning, coordinating, and directing recovery activities; and incident tracking information; and incidents analysis tasks, including examining all available information and supporting evidence of artifacts related to an incident or event. Performs assessments of systems and networks within the network environment or enclave and identify where those systems and/or networks deviate from acceptable configurations, enclave policy, or local policy.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.