Vulnerability Engineer

BDR Solutions, LLC, (BDR) supports the U.S. Federal Government in successfully achieving its mission and goals. Our service and solution delivery starts with understanding each client’s end-state, and then seamlessly integrating within each Agency’s organization to improve and enhance business and technical operations and deployments.

BDR is seeking a Vulnerability Engineer to join our growing team! This position will be hybrid with three (3) days a week on-site in Washington, D.C. This position requires US Citizenship with an active Secret clearance or higher.

(Military Veterans are highly encouraged to apply)

Role Overview

The Vulnerability Engineer will provide critical support in identifying, analyzing, and remediating vulnerabilities across an infrastructure consisting of over windows servers. This will include analyzing reports from multiple streams and sources as well as remediating and assigning to other members of the team when needed. This position requires a mixture of engineering, operations, hands on technical and support skills. Qualified candidates should have excellent troubleshooting and analytical skills. The individual will work closely with technical leads, infrastructure and operations teams and other cross-department teams to evaluate business needs and provide end-to-end technical solutions and manage, operate, monitor, audit, secure server assets.

Responsibilities

• Performs security hardening, patching and server certificate updates.
• Run system scans and analyze reports on system vulnerabilities on windows servers.
• Maintain and update environmental documentation, standard Operating Procedures, and engineering documentation.
• Provide support to system administrators to resolve issues when required provide support in response to outages including conducting root cause analysis.
• Recognize and escalate risks, issues, and concerns when necessary.
• Analyze vulnerability reports identify areas of responsibility for remediation.
• Resolve known exploited vulnerabilities, prioritizing critical and highs.
• Facilitate coordination of vulnerability remediations across the team.
• Develop and provide recommendations and remediations for vulnerabilities.
• Harden Windows OS with secure versions of Transport Layer Security (TLS), and cipher suites according to NIST policy.
• Assist Security Operations personnel in developing Plan of Action & Milestones (POAM’s) for vulnerabilities requiring long-lead time resolve.
• Provide on-call support and manage ticket queue.
• Demonstrate strong knowledge of vulnerability management tools such as Tenable Nessus and BigFix.

Required Minimum Qualifications:

• Bachelor’s degree in networking, cybersecurity or similar field.
• Must possess an active DOD Secret or higher clearance.
• 7 years of experience administrating and managing servers and systems, cloud infrastructure, file and print environments, specializing in Windows operating systems.
• Must possess one of the following certifications: M365, VCP, CCNP or Linux .
• Must have advanced knowledge of Microsoft Active Directory and SQL Server.
• Expert knowledge and troubleshooting skills to resolve failed update installation in Windows OS.
• Expert knowledge of AD Group policy and applying security posture via GPO's.
• Strong knowledge of System Center Configuration Manager (SCCM) is a must.
• Experience with performing root cause analysis, risk identification, and risk mitigation
• Understanding of FIPS 140-3 or cryptographic modules and how they are used.
• Must be a self-started with strong problem solving and communication skills.
• Strong knowledge of NIST-800 framework and security guidelines for windows servers and clients including DISA STIG
• Strong knowledge of CIS Benchmark guidelines for Microsoft Windows servers
• Experience with scripting tools such as, PowerShell, Azure CLI, AWS CLI, Python, and VBScript.
• Experience with Nessus Tenable scanning tools and reporting.
• Expert level experience with MS Office tools such as Excel, PowerPoint, Vizio, Word.
• Experience with installing hardware drivers, firmware, bios, and other hardware upgrades for Dell servers.
• Demonstrate knowledge of common ports and protocols used by Windows servers and clients.

Preferred Qualifications:

• Security certification(s) highly preferred such as Security , CISSP, CASP , CISA, CISM etc.
• Experience Linux/Ansible, and/or Unix experience are a plus.

In addition, U.S Citizenship is required. Select applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information and be able to obtain a government-granted security clearance. Individuals may also be subject to a background investigation including, but not limited to criminal history, employment and education verification, drug testing, and creditworthiness.

BDR is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, marital status, disability, veteran status, sexual orientation, or genetic information.