What are the responsibilities and job description for the Nessus Engineer position at Oneida Technical Solutions?
Oneida Technical Solutions, LLC (OTS) has a rich history of providing IT support and associated services in highly complex, highly regulated, highly secure environments, including the U.S. Department of Defense (DoD), law enforcement, health care, retail, and the casino gaming industry. We have an exciting opportunity to support the Air Force Enterprise IT as a Service (EITaaS) Wave 1, specifically advancing the solution for bringing the EITaaS IT Service Management offerings to SIPR.
We are currently seeking a Nessus Engineer for an onsite position in Chantilly, VA.
This position supports our cybersecurity initiatives by conducting vulnerability assessments and ensuring the overall security of our networks and systems. This position is critical in maintaining and improving the integrity and safety of our infrastructure using the Nessus vulnerability scanning tool. The ideal candidate will have hands-on experience with Nessus or similar vulnerability management tools, a solid understanding of security best practices, and a passion for mitigating risks in complex IT environments.
- Minimum of 10 years' experience in vulnerability management, cybersecurity, or IT security.
- Hands-on experience with Nessus (or similar tools such as OpenVAS, Qualys) for vulnerability scanning and management.
- Experience with network protocols (TCP/IP, HTTP, DNS, etc.), operating systems (Windows, Linux, macOS), and security best practices.
- Installing and configuring Nessus, Nessus Manager, Nessus Agents, Log Correlation Engine, Nessus Network Monitor, and Security Center in both Linux/Unix and Windows-based environments
- Responsible for installing and configuring Nessus Agents
- Responsible for adding scan policies, audit policies, and credentials to Security Center and Nessus Manager
- Responsible for configuring Nessus Manager scan pulls to Security Center
- Tenable-Nessus Security Analyst
- Responsible for defining scan policies and audit policies
- Responsible for adding scan credentials
- Responsible for scheduling scans
- Responsible for generating scan reports
- Responsible for importing/uploading scan reports for Vulnerability
- Responsible for the analysis and validation of the scan results
- Strong background in vulnerability assessment, risk management, and remediation.
- Advanced knowledge of Nessus Professional or Tenable.io.
- Familiarity with vulnerability management best practices, including risk scoring (CVSS, CVE, etc.)
- Knowledge of web application security, network security, and common vulnerability classes (e.g., SQL injection, cross-site scripting, buffer overflows).
- Familiarity with scripting (e.g., Python, Bash) for automation and custom scan configurations is a plus.
- Experience with SIEM tools and incident response is a bonus.
- Knowledge of regulatory compliance standards such as PCI DSS, HIPAA, NIST, ISO 27001, and SOC 2.
- Excellent analytical and problem-solving skills with a strong attention to detail.
- Ability to translate technical findings into understandable and actionable reports for non-technical stakeholders.
- DoD 8140 compliance, CompTIA Security or higher
- Must have Active Secret Clearance
Certifications:
- Tenable Certified Nessus Expert (TCNE) or equivalent certifications.
- CISSP, CISM, or other security certifications are a plus.
Oneida Technical Solutions, LLC is an equal opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, gender identity, genetic information or any other protected characteristic under applicable law.
Salary: $115,000 - $135,000