Vulnerability Management Analyst - Wiesbaden, Deutschland - General Dynamics Information Technology

Beschreibung

GDIT has an opportunity for a Vulnerability Management Analyst (VMA) supporting U.S. Army Europe on our Enterprise Mission Information Technology Services (EMITS) program in Wiesbaden, Germany.

HOW A VULNERABILITY ANALYST WILL MAKE AN IMPACT

• The VMA will work closely with the Cybersecurity Compliance Team - to support the USAREUR-AF Mission Partner environment connected systems through the vulnerability management and Risk Management Framework (RMF) process.
• Maintain configuration items and executing functions on the vulnerability management platform, which includes but not limited to ACAS & Source Code scans, STIG Validation in support of DISA, DoD, USEUCOM, and USAREUR-AF guidelines and proactive vulnerability detection.
• Composing essential documentation (procedures, compliance and remediation reports, continuous monitoring, etc.), providing analysis and metrics on vulnerabilities, and driving remediation of vulnerabilities throughout the organization.
• Develop Compliance (Credentialed Scans, CVSS10, OS, HBSS, PKI, AV) and Continuous Monitoring (RMF Controls) reporting dashboards and metrics
• Facilitate proactive remediation or mitigation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams
• Provide technical support to system and technology owners to propose mitigation and remediation solutions
• Assist with routine compliance and audit functions to ensure regulatory scanning requirements are satisfied
• Document and report on processes and procedures
• Provide input to leadership for enhancing the vulnerability management strategy
• Stay current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and engaging in other education opportunities

WHAT YOU WILL NEED TO SUCCEED

• Security Clearance Required: Secret Clearance to begin work and the ability to obtain a Top Secret-SCI clearance
• Experience: 3+ Years of Information Security Experience, working with Vulnerability management tools as well as 5+ years combined IT Systems experience
• Education: Bachelor's Degree in Computer Science, Computer Engineering, or an equivalent combination of education and experience.
• Certifications: Must have one of the following DoD 8570 IAT III Level certifications: CASP, CISA, CISSP, GCIH CISM, GSLC
• Must have one of the following Computing Environment (CE) certifications: RHSA, MCSA, DISA ACAS 5.x, CCNA
• Sec+ CE, SSCP, GIAC Security Essentials, and other security related certifications a plus
• Skills: Demonstrated knowledge of Systems Administration/Engineering with proficiency in analyzing systems designs with a systems security mindset. Strong knowledge of threats and vulnerabilities associated with cloud and on-premise network security and Computer Network Defense. Strong analytical and problem-solving skills and proactive thinking skills. High-level familiarity with Vulnerability Management tools such as ACAS, SCAP, STIG Viewer, and SCCM. Moderate to high-level familiarity with and Cybersecurity tools such as Cisco Secure Network Analytics, Elastic, ESS, SolarWinds and various network firewalls. Basic level familiarity with DoD, US Army, USEUCOM, CJCS, CNSS, NIST and other Cyber Security Regulatory Compliance bodies. Ability to oversee and/or perform the development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support. Ability to drive automation of vulnerability management platform and processes. Demonstrated understanding of infrastructure and cloud vulnerability scanning. Understanding of how to classify and prioritize the risk of new vulnerabilities based on the operating environment. Ability to develop and maintain metrics and reports on vulnerability findings and remediation compliance. Sense of urgency to address new technologies being deployed: Continuous development of infrastructure and cloud vulnerability expertise to function as subject matter expert in multiple technical or business disciplines

GDIT IS YOUR PLACE:

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Professional growth opportunities including paid education and certifications
• Cutting-edge technology you can learn from
• Rest and recharge with paid vacation and holidays

Work Requirements

.cls-1{fill:none;stroke:#5b6670;stroke-miterlimit:10;stroke-width:2px}
Years of Experience
5 + years of related experience

* may vary based on technical training, certification(s), or degree

.cls-2{fill:none;stroke:#5b6670;stroke-miterlimit:10;stroke-width:2px}
Certification
CISSP - ISC2

Travel Required
Less than 10%

.cls-3{fill:none;stroke:#5d666f;stroke-miterlimit:10}
Citizenship
U.S. Citizenship Required

About Our Work

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.