Job Description
POSITION RESPONSIBILITIES
Note : All official drafts, documents, and recommendations, as listed below, must be reviewed, finalized, and approved / accepted by appropriate BPA manager or other federal personnel with the authority to do so.
- With BPA Manager review and approval, perform the following :
o Control Center Cyber Vulnerability Scanning :
Define, identify, and classify the security holes (vulnerabilities) in a computer, network, or communications infrastructure.Interact with business units to Client, triage, and resolve security vulnerabilities with manual and automated tools to enforce security criteria as part of a Secure Development Life Cycle on a continuous basis.Research and investigate new and emerging vulnerabilities.nalyze vulnerabilities to appropriately characterize threats and provide remediation recommendations.Forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.ssist to conduct vulnerability assessments (application and / or infrastructure) and articulate security issues to technical and non-technical audience(s).Conduct vulnerability assessments using tools such as NMAP, Nessus, or other related tools. Alert the BPA manager of any concerns.Operate and analyze results of open-source security tools and vulnerability scanners including Wireshark, ngrep, nmap, and Snort :nalyze network and wireless traffic, and report to BPA management on abnormal activity.Compile vulnerability data from many sources and track technical resolution and mitigation times.Report findings and maintain on-going assessments for regulatory reporting.lert BPA manager and generate system vulnerabilities reports; interface and collaborate with internal groups to identify, discuss, and develop remediation recommendations.Present recommended remediation plans for BPA management, sponsor, and stakeholder review and approval.Track and follow through to completion assigned remediation activities. Seek BPA manager guidance with prioritization questions or concerns.ssist with vulnerability assessments including evaluation of specific configurations of network devices, operating systems, and network enabled software applications on both Windows and Linux platforms. Perform network discovery and comparison with known cyber assets.o Vulnerability Scanning :
Configure vulnerability assessment tools, as well as perform scans, research and analyze vulnerabilities, identify relevant threats, corrective action recommendations, summarize, and report out results.Identify critical flaws in applications and systems that cyber attackers could exploit.Conduct vulnerability assessments for networks, applications, and operating systems.Use automated tools (e.g. Nessus) to pinpoint vulnerabilities and reduce time-consuming tasks.Use manual testing techniques and methods to gain a better understanding of the environment to reduce false negatives.Develop, test, and modify custom scripts and applications for vulnerability testing.Manually validate report findings to reduce false positives.Compile and track vulnerabilities over time for metrics purposes.Write and present comprehensive Vulnerability Assessments on new systems.Review and define requirements for information security solutions.Supply hands-on training to network and system administrators of the vulnerability scanning program.Develop and maintain a vulnerability assessment database.Perform trend and analysis of vulnerability scan data.Generate reports that identify security posture of the base (i. e. deficiencies, history of repeats, etc.).Develop and document Transmission Operation's Standard Operating Procedures (SOPs), checklists, guides, best practices, and procedures for conducting vulnerability assessments.utomate procedures using scripts, Sequel (SQL), database administration, or other available technology.Report out on repeat high vulnerabilities to the communications unit monthly.Maintain functionality of vulnerability management tools including configuration and maintenance of applications (e.g. Nessus, Tenable Security Center, and other vulnerability assessment tools).Perform information system security vulnerability scanning to Client and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components.Conduct compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings for networks, operating systems, applications, databases, and other information system components. Engage with stakeholders, to include other IT professionals, BPA management, and internal or external auditors to facilitate vulnerability discovery and remediation.Communicate security and compliance issues to BPA management, customers, and stakeholders effectively and timely.Recommend appropriate remedial actions to mitigate risks and verify information systems employ appropriate level of information security controls.nalyze Vulnerability scan results and engage with customers to resolve identified vulnerabilities.Verify remedial actions and validate compliance with information security policy and regulatory requirements.ssist in development and implementation of information security vulnerability management policies, procedures, and standards based on National Institute of Standards and Technology (NIST) 800-53 standards, best practices, and compliance requirements.Mark documents and maintain filing system(s), files, emails, and records in accordance with compliance requirements. Share and disperse documents only to appropriate personnel (those with a Lawful Government Purpose (LGP) to know). Mark and maintain all official records in accordance with the Information Security (INFOSEC) and Information Governance & Lifecycle Management (IGLM) standards and procedures. Validate official records are accurately maintained for auditing purposes.REQUIREMENTS
Education & Corresponding Experience (required on matrix)
degree in Computer Science, Information Technology, or a directly related technical discipline is preferred.o 8 years of experience is required with an applicable associate or bachelor's degree.
o 10 years of experience is required without a degree or applicable degree or with no degree.
Experience includes a minimum combination of work-related experience, on-the-job training, and / or vocational training. Experience should be consistent with the specific requirements of Computer / Information Technology or related field, and progressively more technical in nature.Required Technical Skills & Experience (required on matrix)
2 years of experience with the following :o Classes of vulnerabilities, appropriate remediation, and industry standard classification schemes (CVE, CVSS, CPE).
o Linux and Windows operating systems, including common programming or scripting languages.
o Devising methods to automate testing activities and streamline testing processes.
Knowledge of patching programs of major hardware / software manufacturers. Knowledge of secure configuration and hardening of systems.Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools).Knowledge of security vulnerabilities, application analysis, and protocol analysis.Knowledge of network topology, communication protocols, firewalls, proxies, and IDS systems to affectively configure scanning software.Preferred Skills & Experience (optional on matrix)
Experience setting up and administering an enterprise cyber vulnerability scanning and assessment infrastructure.Experience administering computer systems in a 24 / 7 high availability operational environment.Experience using specific technologies such as Splunk.Experience administering Tenable.sc and Nessus.Additional Requirements (not required on matrix)
Valid U.S. Driver's License is required.
