What are the responsibilities and job description for the Vulnerability Assessment Team Lead position at Leidos Inc?
Description
The Department of Homeland Security (DHS) Network Operations Security Center (NOSC) is a US Government program responsible for monitoring, detecting, analyzing, mitigating, and responding to cyber threats and adversarial activity on the DHS Enterprise. The DHS NOSC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component Security Operations Center (SOC). Direction and coordination are achieved through a shared DHS incident tracking system and other means of coordination and communication.
PRIMARY RESPONSIBILITIES:
Information Security Vulnerability Assessment Lead
Develop overall vulnerability assessment policies, procedures, processes, and techniques aligned with customer requirements, rules, regulations, and mandates
Lead the seven-person Vulnerability Assessment Team, comprised of a two-person Vulnerability Management Team, a two-person Vulnerability Assessment Team, and a two-person Penetration Testing Team, driving the combined capability in conjunction with the other NOSC Tier 2 capabilities
Work with the customer to strategize, prioritize, and execute penetration testing exercises, vulnerability assessments, and audit support per customer requirements and direction.
Make decision-ready recommendations to the customer regarding new technologies, tools, best practices, frameworks, and maturity models to ensure the most up-to-date capabilities
Collaborate with the DHS NOSC team to develop and assist in the implementation of mitigations for vulnerabilities detected as a result of penetration testing and other vulnerability assessments
Conduct complex network, social engineering, and web application penetration tests, document findings and recommendations, and coordinate with system owners to facilitate remediation and hardening
Develop the training strategy for all vulnerability assessment capabilities
Continuously research emerging threats to the environment in order to disseminate the information to all stakeholders, regularly assess the environment for the presence of vulnerabilities, and work with the NOSC, Enterprise VAT, and enterprise networking teams to proactively block exploitation within the DHS environment
Coordinate with NOSC cybersecurity leadership and FISMA system ISSOs and system owners to explain findings, provide recommendations on mitigations, and advocate for those mitigations
Assess and depict risk posture through relevant metrics collection and assessment/pen-testing results
Author and maintain strategy documentation, policy recommendations, white papers, capability assessments, risk register, and vulnerability mitigation/prevention recommendations
Basic Qualifications:
Bachelor's degree from an accredited college in IT, cybersecurity, computer science, or related field, or equivalent experience/combined education, with 12-15 years of professional experience; or a Master's degree with 10-13 years of relevant experience.
At least eight years of direct experience in pen-testing, red team, purple team, and/or vulnerability management
Familiar with the management, operational, and technical aspects of IT Security in a complex environment.
Experience working with industry-standard cybersecurity methodologies and processes
Advanced knowledge of TCP/IP protocols
Experience configuring and implementing various technical security solutions
Substantial experience managing vulnerability/compliance scans using Tenable Nessus and/or Security Center
Expert in Nessus Manager
Expert in Tenable.io
Experience in Kali Linux and associated tools
The ideal candidate is a self-motivated individual with the ability to skillfully balance mission and personnel goals and objectives
Should have at least one of the following certifications:
SANS GIAC: GCIA, GMON, GCDA, GPEN, GEVA, GWAPT, GSNA, GISF, GAWN, GXPN, GWEB
Offensive Security: OSCP, OSCE, OSWP, OSEE
ISC2: CISSP
EC Council: CEH
All Department of Homeland Security NOSC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
This position can be located in Stennis, MS, Ashburn, VA, Washington, DC or Chandler, AZ.
Preferred Qualifications:
Extensive experience working in cyber operations, particularly for a federal government customer
Extensive experience supporting large and diverse cybersecurity environments
Experience using cloud-based pen-testing tools
Moderate proficiency in Splunk
Familiarity with Swimlane
Familiar with basic functions of Axonius
Experience with Core Impact
Experience with Burp Suite Pro
Understanding of MITRE ATT&CK and various other attack and defense methodologies
Expertise in Linux and Windows operating systems
Experience with supporting ATO audits, CSP Audits, FISMA compliance, and other ISSO functions
Pay Range: $118,300.00 - $182,000.00 - $245,700.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Salary : $118,300 - $182,000