Job Requisition:Vulnerability Management Analyst
The Defense Group of Leidos has an opening for a Vulnerability Management Analyst supporting the Global Information Grid (GIG) Service Management-Operations (GSM-O) contract at Ft. Meade, MD .
The Vulnerability Management Analyst will support the analysis of software/hardware vulnerabilities and the impact those vulnerabilities will have to DoD systems. In addition they will utilize this expertise to identify priority level for vulnerability fix actions and contribute to the mitigation strategies that can be implemented prior to the release of a vendor fix action. They will understand the lifecycle of the network threats, attack vectors and methods of exploitation and have specialized knowledge in computer network theory and understand IT standards, including the OSI model, and the methods of exploiting those standards.
The candidate will support GSMO Task Order 30
- Establish communications with vendors for the release of newly identified vulnerabilities and to ensure they understand the specialized requirements of DoD information systems.
- Leverage a specialized understanding of vendor products and fix actions to develop mitigations orders for the identified vulnerabilities.
- Compile daily, weekly and annual vulnerability metrics associated with affected and non-affected DoD products.
- Utilize tracking tools to upload information for DoD component consumption and vulnerability compliance tracking.
- Create situational awareness products to provide DoD components with detailed information related to vulnerabilities and appropriate mitigation strategies.
- Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities.
- Prioritize identified vulnerabilities based upon severity, potential operational impact, and other factors for DoD.
- Conduct open source research to identify and analyze known and unknown vulnerabilities.
- Analyze issues affecting DoD components with vendor provided fixes and contact the appropriate vendor for a defined and attainable solution.
- Conduct coordination with DISA/FSO, DoD CC/S/A/FA, Intelligence Agencies, LE, US Government organizations.
- Provide notification of potential threats by tracking vulnerabilities and exploits, propagation of worms and viruses as they migrate throughout DoD and globally.
- Develop, document, and convey IAVM operational requirements to enhance capabilities to identify, track, and remediate system and network vulnerabilities as well as for a real-time patch management capability.
- Monitor the progress of internal and external organizations to ensure IAVM operational requirements are fulfilled for Government review.
- Active DoD TS/SCI clearance and eligible for polygraph
- Bachelor’s Degree + 4-8 years of related experience
- Previous tools experience working with ArcSight, Splunk, PCAP, JIMS or equivalent toolsets.
- Technical understanding in some of the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication installation, or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection)
- Experience in an Operations Center providing Senior Leaders specified reports based on information received from supporting units.
- Have working knowledge of threat and vulnerability analysis, routing protocols, routing, intrusion detection systems, intrusion protection systems, Domain Name Service, or network traffic analysis.
- Critical/logical thinking skills
- Experience working with the Intelligence Community and priority intelligence requirements
- Advanced communications and presentations skills (verbal and written) enabling precise conveyance of information across all CC/S/A/FA with command and proper enunciation of the English language
- DoD 8570 Requirements IAM Level III
- ITIL v3 Foundation certified
External Referral Eligible
External Referral Bonus:Eligible
Potential for Telework:No
Clearance Level Required:Top Secret/SCI
Scheduled Weekly Hours:40
Job Family:Cyber Security2000Defense
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to [email protected].
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.