Senior Vulnerability Engineer

We are staffing a fulltime position as a Senior Vulnerability Analyst for a long-term contract / possible contract-to-hire position for a growing organization.  This person will establish a process to detect, track, prioritize, and report vulnerabilities on organizational information systems.  Configure and execute vulnerability detection with Tenable IO, coordinate mitigation efforts, and report progress.  Integrate closely with the compliance, cyber security, and information technology teams as well as the change management and software application control processes.  Experience with Tenable's Passive Vulnerability Scanner and Log Correlation Engine for both the Windows and Unix platforms.

Duties include:

• Identify critical flaws in applications and systems that cyber attackers could exploit
• Conduct vulnerability assessments for networks, applications and operating systems
• Conduct network security audits and scanning on a predetermined basis
• Use Tenable IO to pinpoint vulnerabilities and reduce time-consuming tasks
• Use manual testing techniques and methods to gain a better understanding of the environment and reduce false negatives
• Develop, test and modify custom scripts and applications for vulnerability testing
• Compile and track vulnerabilities over time for metrics purposes
• Write and present a comprehensive Vulnerability Assessment and maintain a database
• Supply hands-on training for network and systems administrators (if needed)

Requirements include:

• Must be eligible to work in the US without sponsorship
• Must be a Senior level person and have HANDS-ON experience as the person responsible for overseeing vulnerability.
• Bachelor’s degree or equivalent experience
• 3-5 years’ experience as an IT system administrator or cyber security professional
• Experience with either Tenable IO, Nessus, and/or Tenable Security Center vulnerability scanning
• Must understand scripting
• Fluency with networks, subnetting, routing, and firewalling. 
• Must understand Network Topology and Architecture
• Expertise with Windows and Linux operating systems
• Knowledge/experience with vulnerability management of free and open-source software products
• Excellent communication and organization skills
• Self-starter using knowledge of vulnerability management and experience

Desired skills include:

• CompTIA Sec+ certification
• Tenable certification
• Atlassian Jira configuration experience
• Industry certifications
• Fluency with regulatory requirements including CMMC, FISMA, and ISO
• Minimum 2 years’ experience with scripting language

PLEASE USE REFERENCE #022201