Vulnerability Assessment Analyst - Senior

Job Location: Fort Meade, MD

Job Category:

Position Type: Full Time, 40 hours per week

Athena Technology Group, Inc. is a Service-Disabled Veteran Owned /Small Business (SDVOSB) focused on Information Technology and Communications consulting, system engineering, integration, deployment and operations of stat of the art command and control and information systems that deliver critical network centric solutions to the warfighter. With a proven track record of technical support to our customers, we are looking for innovative industry professionals to join our team. Please contact info@athenatechgrp.com.

JOB DESCRIPTIONS:

Performs vulnerability assessments (VA) of systems and networks within DISA networked environment or enclaves and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Provide risk-based recommendations on vulnerability assessment findings and compliance validation checks. Maintain expertise and proficiency with vulnerability testing tools and methodologies.

Tasks:

Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives.

Conduct and/or support authorized vulnerability testing on enterprise network assets.

Maintain vulnerability toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense VA missions.

Prepare VA reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.

Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, networking environment, work-place environment)

REQUIRED EXPERIENCE:

• Bachelor’s degree in Computer Science, Cyber Security or Information Technology
• 10 years relevant experience or a Masters with 5 years
• DOD 8570 IASE Level II (e.g. CASP CE, CISSP, CSSLP) and/or CSSP (e.g. CEH)
• TS/SCI

Required certified with a Security Fundamentals Professional Certification (SFPC) under the Security Professional Education Development (SpeD) Program, IAW DODI 3305.13, DOD Security Training. While the SFPC is the preferred professional certification for Traditional Security Personnel, the Certified Protection Professions (CPP) from the American Society for Industrial Security (ASIS) will be accepted in lieu of the SFPC. If not certified upon start, the reviewer must have one of the following compensatory qualifications:

- Two (2) years’ experience in Traditional Security Disciplines.

- Successful completion of the DOD Security Specialist Course or an equivalent military service course.

- Successful completion of the following Computer Based courses:

Introduction to DOD Security Specialist Course GS020.16

Security Policies, Principles, and Programs GS140.06

Introduction to Industrial Security IS011.06

Introduction to Personnel Security PS113.06

Introduction to Information Security IF011.06

Introduction to Physical Security PY011.06

Storage Containers and Facilities PY105.06

Physical Security Measures PY103.06

Citizenship and an active DOD TOP SECRECT/SCI Clearance are required for the position. Salary will be commensurate with experience. ATG is a growing company and there will be opportunities for internal advancement. ATG is an Equal Opportunity Employer.