What are the responsibilities and job description for the Senior Computer Network Defense (CND) Auditor position at MKS2 Technologies?
Founded in 2008, MKS2 Technologies has helped Federal government customers design, implement and sustain mission-focused IT solutions focusing on cyber security support, enterprise application development, and instructional design and training. MKS2 is a Service-Disabled Veteran-Owned Small Business (SDVOSB) headquartered in Austin, Texas, with regional offices in Colorado Springs, CO, Monterey, CA, Portland, ME, and Washington, D.C.
Our full-time staff works on Federal services contracts in 27 states and the District of Columbia to provide mission-critical support to the Department of Veterans Affairs, The U.S. Army, and the U.S. Navy.
A NEW, five-year contract award has created the opportunity for a Senior Computer Network Defense (CND) Auditor to support our government customer based in Springfield, VA.
Description
- Conduct threat and vulnerability assessments and determines deviations from acceptable configuration or policies.
- Assess the level of risk and develop or recommend appropriate mitigation countermeasures in operational and non-operational situations.
- Identify, analyze, and mitigate threats to information systems using CND tools.
- Investigate and analyze response activities related to cyber incidents within the environment.
- Develop and provide Cybersecurity assessment reports, summaries, and other situational awareness information for presentation to the CIO or designated representative(s).
- Develop and maintain documentation as it pertains to the use and operation of vulnerability assessment tools (SOPs, assessment plans, test plans, vulnerability reporting, incident reporting, incident response, etc.).
- Develop and execute a continuous assessment and analysis strategy for hosted information systems to monitor and report on any vulnerabilities, misconfigurations, and non-compliance issues; watch for and report on newly discovered assets that are authorized or unauthorized; monitor and report on any systemic security issues based on analysis of vulnerability and configuration data.
- Configure, operate, and maintain vulnerability scanning tools used to conduct scans and security assessments.
Qualifications
Required/Desired Experience:
- 7 years of experience in Information Security (INFOSEC) operations and/or cybersecurity-related experience is required.
- 5 years of experience in using vulnerability scanning software products (Tenable, Nmap, SCAP Compliance Checker, STIG Viewer, etc.) is required.
- 7 years of experience working in an operational Security Operations Center (SOC) as a cybersecurity professional, or amongst a team with responsibility for similar functionality and behavior is desired.
- 7 years of demonstrated experience working with industry standard solutions for vulnerability assessment and management, penetration testing, advanced network inspection/analysis, advanced malware detection, data loss prevention (DLP), Incident Response, and Forensic Tools is desired.
Education Certification Requirements
Candidates must meet the Cyber IT/Cybersecurity Workforce (CSWF) SECNAV M-5239.2 requirements for Vulnerability Assessment Analyst (541); Intermediate Level. Visit: Navy Cool Cyber IT/CSWF Workforce Model for full description.
- Education: Bachelor’s degree from accredited University; OR
- Industry Certification(s): Certified Ethical Hacker (CEH) or CompTIA Security ce
Security Clearance
- This position will require U.S. citizenship and an active DoD TS/SCI clearance; the ability to obtain and maintain a Counterintelligence (CI) Polygraph is required.