BAE Systems Vulnerability Analyst in Washington, District Of Columbia
The Vulnerability Analyst is responsible for providing vulnerability tracking and statuses to the Strategic Systems Programs (SSP) Command Information Officer (CIO)
Primary duties include the following:
Managing ACAS Security Center and Nessus scanners. Ensuring that all devices are scanned on a monthly basis and ACAS is up to date. Analyzing network vulnerability (ACAS) scans to validate and track Information Assurance Vulnerability Alerts/Bulletins (IAVA/B) notices, vendor vulnerabilities and configuration settings. Duties also include coordinating with System and Network Administrators on mitigations and remediations.Evaluating vulnerabilities alongside system and network administrators to provide written plans when a system cannot meet deadlines for compliance.Maintaining a living Risk Assessment Report(RAR)/Plan of Action and Milestones(POA&M) of vulnerabilities for local and distributed sites.
Report Vulnerability scans, IAVA/B compliance, Official Navy Orders, and other cyber directives to the Vulnerability Remediation Asset Manager (VRAM) along with approved mitigations.
Secondary duties include:
Assisting with Certification and Accreditation packages, Cyber security audit preparation, internal audits and documentation preparation and origination. Maintain the SSP Enterprise systems certification and accreditation (C&A) plans; C&A topologies; ports, protocol, and services lists; contingency plans, disaster recovery procedures, and incident response plans.
Review security and data/logs to respond to security incidents on SSP Enterprise systems.
Support the SSP IAM/ISSM in developing SSP Cybersecurity standards and policies.
Provide technical guidance to the SSP IAM/ISSM, CIO, Cybersecurity Workgroup (CSWG), Program Managers (PMs), Program Management Officers (PMOs), FBM Partners, etc. on cybersecurity matters and initiatives, including researching new technologies to counter evolving threats.
Typical Education & Experience
Typically a Bachelor's Degree and 4 years work experience or equivalent experience
Required Skills and Education
Active DoD security clearance required.
experience with eMASS
NIST Special Publications
Bachelor's degree in Engineering, Information Systems, Computer Science or related field, preferred, but depending upon experience, will consider other degree disciplines and at least 2 years of professional work related experience. May also consider 7 years of related professional work experience in lieu of the degree. Experience must include at least 4 years experience supporting and/or maintaining information security technologies.
Must have a security-related industry certification.
Experience with information security best practices and security frameworks
Knowledge and understanding of security technologies including intrusion detection/prevention systems, firewalls, vulnerability scanning, and data protection/encryption systems
Familiarity with network security tools and technologies including networking protocols
Experience developing policies, procedures, and technical training materials
Good verbal and written communication skills
About BAE Systems Intelligence & Security
BAE Systems Intelligence & Security, based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we dofrom intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels. That s BAE Systems. That s Inspired Work. Equal Opportunity Employer/Females/Minorities/Veterans/Disabled/Sexual Orientation/Gender Identity/Gender Expression. To see Inspired Work in action, visit www.baesystems.com and follow us on Facebook: www.facebook.com/baesystemsintel.
EEO Career Site Equal Opportunity Employer. Minorities . females . veterans . individuals with disabilities . sexual orientation . gender identity . gender expression