SHAPE / Mons, Belgium
Please take this opportunity to join one of GDIT’s fastest long-standing growing programs! US Battlefield Information Collection and Exploitation System eXtended (US BICES-X) is a cutting edge program supporting DoD intelligence information sharing on current and emerging global threats to mission and coalition partners and emerging nations.
With an internationally dispersed team supporting each combatant command, the US BICES-X team is in direct support of the war fighter and their missions.
We are seeking a creative and driven professional with a passion for solving real world issues on a cross-functional, fast paced team.
As a Vulnerability Management Administrator supporting USBICES you will be responsible for testing, implementing, deploying, maintaining and reviewing the infrastructure hardware and software that are required to effectively manage the Vulnerability Management Program.
Principal Duties and Responsibilities
Performs all procedures necessary to ensure compliance with requirements for the scanning and identification of vulnerabilities in networks, servers, endpoints, and applications.
Primary responsibilities will include configuration, maintenance, integration and reporting for vulnerability scanning operations.
Performs Vulnerability Management (VM) activities for a large Program; coordinates with government Program staff, USAF, and other government agencies to assist in the creation, dissemination, direction, and auditing of VM policies, standards, and operating procedures.
Configure and perform vulnerability scans to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components.
Configure and perform compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings for networks, operating systems, applications, and other information system components.
Communicate security and compliance issues to government leaders, Cybersecurity Operations and A&A staff in an effective and appropriate manner.
Provide status reports to stakeholders, senior GDIT and government personnel related to VM metrics / results, key risk indicators, trending and compliance.
Engage with stakeholders and management to facilitate vulnerability discovery and remediation.
Create and maintain SOPs / TTPs for the VM program.
Validate remediation actions and ensure compliance with information security policy, regulatory and contractual requirements.
Assist in the development, update and implementation of VM policies, procedures and standards based on NIST 800-53 standards, best practices and compliance requirements.
Perform system administration, and maintain configuration control, of VM hardware, systems and application software. Coordinate upgrades and other maintenance activities on VM tools.
Maintain proficiency in VM best practices.
Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Collaborate on and provide VM results and metrics for consistent reporting.
Required Qualifications :
2+ years of experience required.
Must possess and maintain a Secret clearance.
BA / BS degree or equivalent work experience required.
Knowledge of related hardware and software best practices.
Must meet DoD 8570 requirements and be eligible for IAT level II access upon hire. The CompTIA Security+ CE Certification is the preferred certification.
Also acceptable are alternative security certifications.
The ITIL Foundation V3 certification is required within six months of hire; version 4 is preferred.
Experience applying DISA standard Security Technical Implementation Guides (STIGs).
Experience complying with DoD-CERT Information Assurance Vulnerability Alerts (IAVAs).
This position may be required to complete short-term deployments to austere locations worldwide.
Desired Qualifications :
Additional specific certifications may be required.
Professional certification in one or more Microsoft operating system and application technologies.
Experience with VMWare View Technology.
Experience working with VMware App Volumes.
Comprehensive knowledge of the principles, methods, and techniques used in network administration and support.
The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment.
The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job.
Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job. #BICES and #CJPOST