|

Get new similar jobs by email for

Technical Security Assessment ...

By continuing you agree to Monster's Privacy policy, Terms of use and use of cookies.
Monster
 
 
 
 

Job Summary

Company
Knowledge Consulting Group
Location
Washington, DC
Industries
Computer/IT Services
Job Type
Full Time
Employee
Years of Experience
7+ to 10 Years
Education Level
Bachelor's Degree
Career Level
Experienced (Non-Manager)
Job Reference Code
1453

Technical Security Assessment Engineer

About the Job

The Technical Security Assessment Engineer will be a key team member of a security assessment team that will conduct monthly on-site IT security assessments for a federal government client.  Responsibilities include:
  • Determining the technical scope for security assessments
  • Performing network enumeration activities to identify systems, devices, and network services available on a network
  • Conducting network and application vulnerability assessments
  • Validating vulnerability assessment results and eliminating false positives
  • Conduct web application security assessments
  • Developing recommendations for security issues and vulnerabilities identified during assessments
  • Communicating results to clients ranging from technical staff to executive management
  • Developing tools to increase the level of automation for security assessment methodologies
  • Provide ongoing subject matter expert support for clients

Requirements:

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.Must be clearable to the Top Secret level. Public Trust, Secret, or Top Secret  clearance is preferred.

  • 8 or more years experience in analyzing security controls and developing solutions to security problems
  • 5 or more years experience working with NIST IT security guidance
  • CISSP and/or CISA certification
  • Excellent communications and oral presentation skills
  • Experience in identification, exploitation, and remediation of system, network, and application vulnerabilities.
  • Experience in performing vulnerability assessments using Nessus, Qualys, Foundscan, Appscan, Core Impact, NGS, nCircle, Fortify, Rapid7, nmap, metasploit, or other assessment tools
  • Experience in validating vulnerability scanning results and false positives
  • Experience in performing manual and/or automated security configuration reviews of network devices, servers, and workstations based on secure configuration checklists such as CIS, NSA, DSA, SANS, Microsoft, Cisco, etc.
  • Experience in performing network architecture assessments and sensitive data flow analysis
  • Experience conducting NIST 800-53 security control assessments
 

Job Tools

  • Follow Company
    Your information may be shared with the company.
  • Following Company
  • Print
  • Share
  • Report this job