Vulnerability Assessment Analyst with Security Clearance

---

Job description

Description Job Title: Vulnerability Assessment Analyst Location: Fort Meade, Maryland Security Clearance: Secret Responsibilities include (but are not limited to): Vulnerability Assessment: Conduct thorough vulnerability assessments on networks, systems, and applications using industry-standard tools and methodologies. Identify, document, and prioritize vulnerabilities based on risk assessments and impact to the organization. Collaborate with system owners and IT teams to develop and implement remediation plans for identified vulnerabilities. Threat Analysis & Reporting: Monitor and analyze security threats and vulnerabilities from various sources, including threat intelligence feeds, security bulletins, and vulnerability databases. Prepare detailed reports on findings, including risk analysis, potential impacts, and recommended mitigation strategies. Present vulnerability assessment results to stakeholders, including leadership and technical teams, in a clear and concise manner. Compliance & Security Standards: Ensure that all systems and applications are compliant with DoD cybersecurity standards, including Security Technical Implementation Guides (STIGs) and Risk Management Framework (RMF) requirements. Participate in security audits and assessments, providing evidence and documentation to demonstrate compliance. Stay current on the latest security threats, vulnerabilities, and mitigation techniques to ensure the organization's defenses are up to date. Continuous Improvement: Develop and maintain vulnerability management processes and procedures to improve the efficiency and effectiveness of the assessment program. Recommend enhancements to security configurations, policies, and procedures based on assessment findings. Assist in the development and delivery of security awareness training related to vulnerability management and secure coding practices. Qualifications Education & Experience: Bachelor's degree in Information Security, Cybersecurity, Information Technology, or a related field, or equivalent work experience. Minimum of 3-5 years of experience in vulnerability assessment, penetration testing, or related cybersecurity roles. Experience in a classified or DoD environment, with a strong understanding of DoD cybersecurity frameworks. Technical Skills: Proficiency with vulnerability assessment tools such as Nessus, Qualys, or OpenVAS. Strong knowledge of cybersecurity principles, including vulnerability management, risk assessment, and threat modeling. Familiarity with DoD STIGs, RMF, and other relevant cybersecurity frameworks and guidelines. Experience with scripting and automation tools to enhance vulnerability assessment processes (e.g., Python, PowerShell). Certifications (Preferred): Certified Ethical Hacker (CEH), GIAC Certified Penetration Tester (GPEN), or equivalent. CompTIA Security+ or CISSP. Certified Information Systems Auditor (CISA) or equivalent.

<!– job description page –>