Oasis Systems

Systems Vulnerability Analyst

Job Locations US-MD-Rockville
Posted Date 2 weeks ago(8/4/2022 11:18 AM)
Requisition Number
2022-12112
Category
Information Technology

Overview

Oasis Systems has an exciting opportunity for a Systems Vulnerability Analyst in Rockville, MD. The Cyber Security Vulnerability Analyst helps our customer ensure IT systems meet federally mandated and customer-defined cybersecurity requirements. The ideal candidate is detail-oriented with a technical background. The Cyber Security Vulnerability Analyst will Collaborate with key organizational personnel (technical and administrative) to test systems security posture by performing both automated and manual vulnerability checks. Document findings in the appropriate report based on the effort (to include periodic scanning reports, risk assessments, and vulnerability assessment reports). Map findings to the appropriate NIST 800-53 security control. Review remediation evidence in order to validate that findings have been addressed. 

 

LOCATION: Rockville

JOB STATUS: Full-Time

TRAVEL: Occasional domestic travel

 

REQUIRED QUALIFICATIONS (Education, Certifications, Experience, Skills)

SECURITY CLEARANCE: NRC Suitability

EDUCATION: AA/AS degree in information systems, computer science, or related fields. 

CERTIFICATIONS: The Ideal candidate will also have one or more of the following certifications: A+/Network+, Security+, Cloud+, CEH, CISA, SSCP, CISSP

EXPERIENCE LEVEL: 4 years working in information systems, computer science, or related fields (may be concurrent) and at least 2 years with hands-on administration of information systems.

 

OTHER QUALIFICATIONS/SKILLS: 

  • Working knowledge of DISA STIGs, SCAP content, Tenable Audit files, and CIS Benchmarks.
  • Experience with vulnerability scanning tools, such as Tenable SecurityCenter/Nessus.
  • Knowledge of networking devices (e.g., routers and switches), web services (e.g., IIS, Apache Tomcat), network security appliances (e.g., firewalls, VPNs), databases (e.g., Microsoft SQL), and intrusion prevention/anti-malware software.  Hands-on experience a plus.
  • Knowledge of Windows, Linux, and Unix operating systems. Hands-on experience a plus.
  • Knowledge of virtualized environments.  Hands-on experience a plus.
  • Knowledge of system and application security threats and vulnerabilities.
  • Proficiency with Microsoft Office applications.
  • Ability to prioritize and complete tasks efficiently and effectively.
  • Comfortable working individually and as part of a team.
  • Scripting ability (e.g., PowerShell, VBA) is a plus.

 

RESPONSIBILITIES: 

  • Work closely with all levels of personnel, including system administrators, Information System Security Officers (ISSOs), and Authorizing Official (AO), to support FISMA systems through the
  • Assess the security posture of on-premise and cloud IT systems.
  • Conduct automated and manual scans verifying compliance with customer standards, DISA STIGs, CIS Benchmarks, vender security hardening documentation, and industry best practices.
  • Research and evaluate threats and vulnerabilities to assist in prioritization of remediation actions.
  • Compile, organize, and report vulnerabilities and mitigation results to quantify program effectiveness.
  • Develop periodic scanning reports, risk assessments, and vulnerability assessment reports depending on assigned effort.
  • Meet with stakeholders to review scan results and project deliverables.
  • Advise stakeholders on appropriate remediation & mitigation solutions. 

 

 

 

 

Who We Are

Oasis Systems is a premier provider of customer-driven, cost-effective and quality Engineering Services; Enterprise Systems and Applications; Human Factors Engineering; Information Technology and Cyber Security; Professional Services; and Specialized Engineering Solutions to the Department of Defense, FAA, NRC and other federal agencies.

 

We strive to be an exciting and welcoming company that attracts, develops, motivates and retains the most talented, skilled and dedicated people in the industry; where they are encouraged to achieve personal excellence, purpose, and their full potential and career aspirations; while supporting mission-critical national security technologies and programs.

 

Oasis Systems is an equal opportunity employer and does not discriminate in hiring or employment on the basis of any legally protected characteristic including, but not limited to, race, color, religion, national origin, marital status, gender, sexual orientation, ancestry, age, medical condition, military veteran status or on the basis of physical handicap which, with reasonable accommodation, render the application to satisfactorily perform the job available

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed