Our client is seeking a Principal Scanning Engineer to support the Diplomatic Security Cyber Mission (DSCM) program providing leading cyber and technology security experience to enable innovative, effective, and secure business processes. This position will work a rotating hybrid schedule in Beltsville, MD. WEEK 1 - 2 days onsite, 3 days remote WEEK 2 - 3 days onsite, 2 days remote. Vulnerability Scanning:
Perform regular vulnerability scans across the Department's systems and networks, identifying deviations from acceptable configurations and standards.
Evaluate and prioritize identified vulnerabilities based on potential impact and risk and recommend remediation strategies and solutions.
Collaborate with system owners and administrators to address identified vulnerabilities and ensure timely remediation.
Execute enterprise-wide operating system and application compliance verification, assessing adherence to established security policies and best practices.
Develop security baseline configuration compliance and vulnerability scan policies for Department-hosted operating system platforms (e.g., Windows, UNIX, Linux, Cisco, Juniper, etc.).
Prepare audit reports identifying technical and procedural findings, providing recommended remediation strategies and solutions.
Perform security authorization audits using NIST Risk Management Framework (RMF), NIST Cybersecurity Framework, and FISMA reporting criteria for security control testing procedures, and create the associated Security Assessment Reports.
Web Application Scanning:
Conduct web application vulnerability scanning to identify potential security risks and weaknesses in web applications and services.
Collaborate with web developers and application owners to address identified vulnerabilities and ensure the implementation of secure coding practices.
Monitor emerging web application vulnerabilities and threats and recommend appropriate mitigation strategies.
Perform database vulnerability scanning to identify potential security risks and weaknesses in database management systems and configurations.
Collaborate with database administrators to address identified vulnerabilities and ensure the implementation of secure database practices.
Monitor emerging database vulnerabilities and threats and recommend appropriate mitigation strategies.
Basic Qualifications- To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
Bachelor’s degree in computer science, Information Systems, Cybersecurity, or a related field, and a minimum of 9 years of experience in enterprise scanning, vulnerability management, or cybersecurity; an additional 4 years of experience may be substituted in lieu of degree.
US Citizenship required with the ability to obtain an interim Secret security clearance before start date with the ability to obtain a Top-Secret clearance.
Must be able to work a hybrid schedule.
Possess or be able to obtain before start date one of the following certifications: CASP+CE, CCNA Cyber Ops, CCNA-Security, CCNP-Security, CEH, CFR, ISA, CISSP (or Associate), Cloud+, CySA+, GCED, GCIA, GCIH, GICSP, or SCYBER.
In-depth knowledge of vulnerability, compliance, web application, and database scanning methodologies and best practices.
Familiarity with various operating systems (Windows, UNIX, Linux, Cisco, Juniper, etc.).
Experience using Tenable software suite to perform vulnerability scanning, discovery scans, and baseline compliance scoring.
Strong analytical and problem-solving skills, with the ability to identify and resolve complex security issues.
Excellent communication and interpersonal skills, with the ability to work collaboratively with cross-functional teams.