Vulnerability Management Analyst (OS/Infrastructure) with Security Clearance

---

Job description

MUST BE A US CITIZEN TO APPLY JOB TITLE: Vulnerability Management Analyst (OS/Infrastructure) CLIENT: DLA Cyber Security OT Support Services LOCATION: DLA Land & Maritime, 3990 E. Broad St Columbus, Ohio Background:
The DLA (Defense Logistics Agency) Cyber Security is the Cyber Security Service Provider (CSSP) for all of DLA. DLA Cybersecurity performs and/or coordinates the performance of all CSSP functions as described in the CJCSM 6510.01 as well as DODI 8530.01. These functions include but are not limited to continuously monitoring all facets of the DLA network such as network and host-based Intrusion Detection Systems (IDS); handling and developing warning intelligence for DLA subscribers and other CSSPs; providing attack sensing and warning services tailored specifically to each DLA subscriber; responding to and handling cyber incidents as they are identified. DLA Cyber Emergency Response Team (CERT) requires 24x7x365 staffing to include all holidays to allow for continuous monitoring and identification of cyber incidents as well as unhindered coordination of containment, eradication and recovery efforts. DLA Vulnerability Management (VM) also requires resources to perform discovery and assessment of DLA's assets in particular Operational Technology assets. In addition to basic functions DLA CERT coordinates and monitors cybersecurity efforts for DLA's Operational Technology (OT) devices. DLA CERT coordinates internal cybersecurity reporting as well as reporting to and from US Cyber Command. A Fly Away teams need to be designated as needed to perform on-site incident response, cybersecurity assessments and OT user education. Responsibilities:
Serves as vulnerability management analyst for assigned information systems and computer networks. Analyzes vulnerabilities and characterizes risk to networks, operating systems, applications, databases, and other information system components. Engages with stakeholders and mission partners to facilitate vulnerability discovery through manual review and/or the use of vulnerability scanners. Facilitates the coordination of remediation efforts, prioritizing remediation efforts based on risk. Recommends appropriate
actions to remediate vulnerabilities and mitigate risks and ensures the implementation of appropriate security settings to include those required by Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG). Supports and ensures compliance with DOD Information Assurance Vulnerability Management (IAVM) program. Tracks and reports security and compliance issues. Validates remedial actions and ensures compliance with DLA and DOD information security policy Required Experience: Five (5) years of relevant experience or related formal education
Hands-on experience working with vulnerability scanners
Understanding of vulnerabilities and remediation techniques
Minimum Requirements:
Must be able to be placed into IT-II access DoD Approved 8570/8140 Baseline Certification: Category IAM Level II such as CASP + CE, CISM, CISSP

<!– job description page –>