**This position is contingent upon award of contract**

SOSi is seeking to hire a highly qualified Information Systems Security Specialist – Vulnerability Management to serve as the Government’s trusted security advisor for scanning / vulnerability management.

Responsibilities

• Perform pre-production and quarterly production and non-production scanning for all assets that cannot or do not have agents within the customer Offices.


• Identify and set additional scanning schedules for the highest risk assets within the customer Offices.


• Recommend, develop, integrate, test, and implement improvements to our scanning process for device, operating system, application, and database vulnerabilities, leveraging tools and automation (by creating scripts and other integrations) from scheduling through reporting, and execute them.


• Proactively keep abreast of cybersecurity vulnerabilities that are newly identified on key government websites, Judiciary meetings, etc. to address potential impact to the customer Office systems.


• Coordinate with headquarters and System owners to schedule scans, where necessary.


• Coordinate with headquarters and System owners to discuss scan results.


• Performs scans manually for devices that do not accept agents (quarterly).


• Generates a scanning report to provide results to the ISOs/ISSOs.


• Generate written monthly metrics on scanning activities.


• Coordinate scanning schedules, which requires a scan to implement change in the environment, to minimize duplicative efforts.


• Perform other types of scanning (i.e., beyond Tenable Nessus), as needed.

Qualifications

• 5 years of experience in IT vulnerability management.


• 3 years of experience in Tenable Nessus.


• 1 years of experience using various application security testing suites.


• Ability to attain Public Trust Suitability Determination.

• Bachelor's degree

Working Conditions

• Remote