Junior Vulnerability Management Engineer - (FED00007U)

  • Jacobs
  • Primary Location: United States-Virginia-Herndon-20364-VAD7
  • Dec 07, 2020
Full time Construction

Job Description

Your Impact:
 
Jacobs National Security Solutions (NSS) is looking for a Junior Vulnerability Management Engineer to provide support in Herndon, VA.  
Duties will include: 
• The Candidate will be responsible for conducting vulnerability scans at the
        network, operating system, database, and application levels on financial
        systems within this organizations enterprise. 
• The candidate will be performing vulnerability scanning and analysis to
        eliminate false positives and to aggregate findings by specific best practice
        criteria. 
• The candidate must have experience providing recommendations for
        remediation and collecting evidence to verify the vulnerability no longer
        exists.  
• The candidate will be validating the vulnerabilities identified against the
        National Institute of Science and Technology (NIST) Framework, National
        Vulnerability Database (NVD) and Security Best Practice standards such
        as CIS Benchmarks, DISA STIGs and vendor hardening standards.   
• The ideal candidate will have prior experience performing full scope Risk
        Management processes for a federal client, to include Certification and
        Accreditation (C&A), FISMA Self Assessments, Technical Assessments
        (Vulnerability analysis, penetration testing), and Risk Assessments.  
• The candidate should have experience using vulnerability and security
        testing tools and reviewing the results from tools such as Nessus, HP
        WebInspect, QualysGuard, AppDetective, and Burp Suite.
 
 
Here's What You'll Need:
 
Qualifications:  
 
Demonstrated 1+years of technical experience with the following techniques or substitute education for years of experience:
 
• Vulnerability Scanning and Analysis
• Unix/Linux (Solaris/Red Hat) and MS Windows Operating Systems
• Network Switching/Routing and TCP/IP
• Databases (e.g., MS SQL, Oracle, DB2)
• Web application vulnerability scanners (e.g., Qualys WAS, WebInspect,
        AppScan)
• Database vulnerability scanners (e.g., AppDetective, DbProtect)
• General purpose vulnerability scanners (e.g., QualysGuard, Nessus)
• Security configuration checklists (e.g., DISA STIGs, CIS Benchmarks)
• NIST Special Publications (e.g., 800-53, 800-37)
 
Additional Requirements:
• Certifications like CEH, CCNA, CCNP, GSEC and others are preferred. 
• 1+ years experience or substitute education for years of experience and
        understanding of NIST 800-53, NIST 800- 3A,NIST 800-30 and NIST 800-
        37.
• 1+ years prior experience performing security control assessments of all
        NIST 800-53 controls or substitute education for years of experience.
• Experience configuring and using technical assessment tools such as
        Nessus, HP WebInspect, AppDetective, BurpSuite, Wireshark,
        QualysGuard and Redseal.  
• 1+ years of Risk Management Framework (RMF) implementation
        experience or substitute education for years of experience.
• Proficiency understanding the technical architecture of IT systems built
        using Windows, UNIX, Linux, IBM AIX, VMware, Citrix, Oracle and MySQL
        platforms. 
• Strong documentation and communication (written and verbal) skills.
• Working knowledge of common network devices
• Working knowledge of Windows and Unix operating systems
• Working knowledge of common database platforms
• Self-motivated and able to work in an independent manner.
• Must be able to obtain “Public Trust” level clearance. (SF-85 and SF-86
        submission required).
 
 
Essential Functions:
 
Physical Requirements:
Most work will be done at a desk or computer.
 
Work Environment:
General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers.
 
Equipment & Machines:
General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.
 
Attendance:
Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday.  However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.
Other Essential Functions:
Must be able to communicate effectively both verbally and in writing. 
Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must take and pass a drug test and background check as well as a motor vehicle records check. Must be a US citizen.
 
 
 
 
 
 
 
 Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws and supplemental language. 

Primary Location

: United States-Virginia-Herndon-20364-VAD7

Travel

: No

Job Posting

: Dec 1, 2020, 6:59:33 PM

Job

: Information Technology

Organization

: CMS

Job Type

: Experienced
Job Classification: Full-Time Regular

Work Locations

: 
20364-VAD7 
2551 Dulles View Drive 
 Herndon 20171
Capabilities: Cyber Security