Job Description
SURGE work for the next 5-6 months. Requires Secret and 8570 compliance Requires Communication skills, personality, and thick skin. Preference is for someone with previous DOD experience The role requires: - 5 years of experience - Secret / Tier 3 - Primary Location: Washington D.C., or Seaside, CA - Location Requirement: Hybrid (Average 1 day per week on site) - Expected Role Duration: 5-6 month surge support, work ends by mid March Candidates should have a strong in-depth knowledge of the Windows OS (Windows Workstation and Windows server) as well as a foundational knowledge of LINUX/UNIX OS, networking, databases, and other IT Technologies required. Working knowledge of DevSecOps functionality a plus. Requirements: 5+ years of operational experience in vulnerability management or security engineering with a working knowledge of OS hardening/compliance/DISA STIGs. Position requires 8570 Certification (e.g. Security +, CISSP). Desired Skills: Working knowledge of ACAS. Knowledge of PowerShell. Experience with MECM, Tanium, and MDE a plus Understanding of DISA STIGs and Information Assurance Vulnerability Management (IAVM) Program Working knowledge of Red Hat Advanced Cluster Security for Kubernetes (StackRox) and Splunk strongly desired. Strong critical thinking, communication, and organizational skills Collaborates with technical and compliance teams across the organization. Capable of performing trend and analysis of vulnerability scan data and preparation of weekly metrics for presentation to leadership Experience in Information Technology/Vulnerability Management/Cybersecurity Demonstrate deep technical knowledge in the management and configuration of operating systems, networks, and software including knowledge of OS authentication mechanisms, permissions, and a solid understanding of networking In-depth knowledge of network protocols, operating systems, and common vulnerabilities. Familiarity with security frameworks and standards (e.g., NIST, ISO 27001) Demonstrate broad security experience, which must include vulnerabilities, risks, and security mechanisms that are common in today's government systems