Vulnerability Management Engineer

Avint LLC is seeking a motivated and skilled Vulnerability Management Engineer to join our team in the Herndon, VA area. The engineer will be able to identify systemic security issues based on the analysis of vulnerability and configuration data and apply programming language structures and logic. The engineer will share meaningful insights about the context of an organization's threat environment that improve its risk management posture.

In this position, the candidate will lead the cyber team in support of the Treasury's cyber security mission. Along with leading the team and interfacing with the client on a regular basis, the role includes leading the vulnerability management through extensive knowledge and experience with identification and remediation of issues. You will leverage your Splunk and Tenable experience to increase the Treasury cyber posture and report out to the Treasury client.

Position Responsibilities:

• Assist with security architecture and design, threat modeling ability, and design/build practical control tests
• Support threat modeling activities including optimizing network security, locating vulnerabilities, identifying objectives, and developing countermeasures to prevent or mitigate effects of cybersecurity attacks
• Provide support for security information and event management (SIEM) and Security Orchestration, Automation and Response (SOAR) activities, audit logging/monitoring tools, and other security tools
• Support threat and vulnerability management activities and utilize a variety of code scanning tools (Nessus, Qualys, DB Protect, Webinspect, Acunetix, etc).
• Assist with security and patch management issues and coordinate with vendors as necessary in support of tools and vulnerability management activities
• Review results of vulnerability scanning and alerting tools and lead vulnerability remediation, scan analysis, validation, reporting, and troubleshooting activities
• Manage security tools including installation, administration, configuration, and troubleshooting security tools (Nessus, Qualys, DB Protect, Webinspect, Acunetix, etc)
• Support continuous monitoring activities including review, analyze, monitor, and validate security audit log events in accordance with Treasury policy and procedures
• Assist with building dashboards and reporting mechanisms and run Splunk queries
• Maintain security engineering documentation and ensure updates to current documentation are completed
• Assist with identification of and recognition of possible indicators of compromise (IoCs) for EBS applications.
• Create, maintain, and update applicable documentation and reports

Requirements

Technical Qualifications:

• Skilled in conducting vulnerability scans and recognizing vulnerabilities in security systems
• Assesses the robustness of security systems and designs
• Detects host and network-based intrusions via intrusion detection technologies (e.g., Snort)
• Experience in mimicking threat behaviors
• Use of network analysis tools to identify vulnerabilities. (e.g., fuzzing, Nmap, etc.)
• Conducts application vulnerability assessments
• Performs impact/risk assessments

Qualifications:

• Bachelor in related field or 5 - 8 years of experience
• 5 - 8+ years of experience providing support implementing solutions to defend against cyber threats using the latest methods and tools, threat modeling, and assisting with security architecture and design
• Serves as Career Manager responsible for performance management and professional development of lower levels
• Proactively leads teams in the execution of complex tasks with minimal direction and produces high quality results
• Demonstrates mastery of multiple vulnerability management areas
• Develops subject matter expertise of other staff
• Demonstrates exceptional communication skills, oral and written
• Leads working sessions to solicit ideas and develop innovative solutions
• Promotes collaboration across functional teams
• Develops and presents highly professional presentations, complex ideas, solutions and innovations to clients and Avint Leadership
• Serves as an Avint brand ambassador
• Always embodies Avint's core values
• Significantly contributes to growth initiatives in vulnerability management areas

Must be able to obtain a clearance or hold a current active Public Trust, Secret or Top secret clearance

Benefits

Joining Avint is a win-win proposition! You will feel the personal touch of a small business and receive BIG business benefits. From competitive salaries, full health, and generous PTO and Federal Holidays. Additionally, we encourage every Avint employee to further their professional development. To assist you in achieving your goals, we offer reimbursement for courses, exams, and tuition. Interested in a class, conference, program, or degree? Avint will invest in YOU and your professional development!

Avint is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity and Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.