Mitigation & Vulnerability SME

GENERAL POSITION DESCRIPTION

The Mitigation and Vulnerability SME Level III will support an Operations & Maintenance team as a part of a large, complex cybersecurity, engineering and PMO contract for a federal customer.

The Mitigation and Vulnerability SME Level III will be responsible for coordinating and streamlining the vulnerability management program. The candidate will also engage directly with various operational teams ensuring vulnerabilities are detected, prioritized, and remediation/mitigation actions are executed. The successful candidate will play a key role in operational reporting & metrics capability, ultimately ensuring the federal organization being supported can adequately be measured towards compliance to the standard set for enterprise vulnerability management.

The ideal candidate will be self-driven, possess the inherent interest to continue learning new technologies to solve problems and have a collaborative and continual improvement mindset in all facets of the role.

ROLE RESPONSIBILITIES

• Closely collaborates with cybersecurity and other stakeholder teams to drive identification and remediation of security vulnerabilities
• Develops and executes continuous process improvement for vulnerability management and risk reduction.
• Extensive experience using MECM to drive organization and execution of vulnerability management
• Implements, defines and improves current policies, standards, and procedures related Vulnerability Management: vulnerability scanning, vulnerability reporting, coordination of patch management,
• Collaborates closely and regularly with operations & maintenance peers, Information System Security Officers (ISSOs), compliance and engineering stakeholders to identify, plan and deploy mitigation strategies at the enterprise level.
• Maintains and supports day to day operations and configuring/troubleshooting all aspects of SCCM effectively, including patch management, software distribution, Operating System Deployment, reporting, and
• Experience with managing ServiceNow tickets
• Makes recommendations for organization-wide system improvements, optimization or maintenance efforts
• Experience with managing Splunk
• Experience with security mitigation, vulnerability, and risk management, performing IT Security software update/upgrade, and implementing risk management framework.
• Experience in IT Operations security management including mitigation planning and recommendation, working directly analyzing vulnerability and applying patches/removing vulnerabilities on Microsoft Windows devices (Servers and workstations); Microsoft operating system, active directory, Server, and hardware issues such as servers and appliances.
• Experience supporting Microsoft enterprise environment involving the understanding of software such as Active Directory, DHCP, DNS, and file and print servers, supporting server performance tuning and monitoring tools.
• Experience with IP networking issues as it relates to local area networks while working with Network Engineers to troubleshoot advanced network issues.
• Experience deploying and managing secure video teleconferencing, audio- visual, and COMSEC equipment.
• Monitors and provides metrics on threat level of vulnerabilities
• Works with multi-functional teams to ensure systems development does not expose new threat vectors
• Assists in the design and development of threat mitigation strategy, prioritize identified threats, managing risks associated with threats

SOFT SKILLS:

• Inherent experience with collaborating with cross-functional teams within the organization, and other offices to ensure the integration and compatibility of network solutions with other IT systems and applications.
• Strong "solutions-oriented" and collaborative mindset to drive solutions and execution for the good of the mission and team.
• Excellent written and verbal communication skills; ability to understand and effectively communicate technical concepts in a compelling, persuasive manner to non-technical persons.
• Excellent ability to interact skillfully and diplomatically with numerous counterparts and build rapport, including contract stakeholders, government representatives and vendors
• Proven proficiency facilitating challenging conversations across all levels of the organization
• Must have a high level of EQ to "bring out the best" in team members, both internal and external
• Experience and composure to be the conductor of a very complex and challenging technical "orchestra."
• Solid goal-oriented thinking, while possessing the business acumen to align projects to business outcomes
• Flexibility and ability to swiftly adapt to a customer environment and positively integrate oneself
• Strong analytical, problem-solving, and decision-making capabilities, with a data-driven mindset
• Team player with the ability to work in a fast-paced environment with a continuous process improvement culture Demonstrated outstanding level of professionalism in providing project review support, including ability to exercise good judgment, discretion, tact, and diplomacy
• Sound business ethics, including the protection of proprietary and confidential information

POSITION REQUIREMENTS

• Must be a U.S. Citizen
• Bachelor's Degree
• Ability to obtain a DHS Public Trust clearance
• 10+ years experience
• ONE of the following certifications:
  • Microsoft Azure Fundamentals (AZ900) OR
  • AWS Certified Cloud Practitioner (CCP) OR
  • Microsoft M365 Fundamentals certification

"PLUS" ATTRIBUTES

• Possess a current DHS EOD clearance
• Supported a DHS Component