Vulnerability Analyst - job 1 of 2

Vulnerability AnalystJob LocationsUSRequisition ID2024-152939Position CategoryCyber SecurityClearanceAgency ClearanceResponsibilitiesPeraton is seeking a skilled and experienced Vulnerability Analyst to join our Security Operations team. This role requires a candidate with hands-on experience in vulnerability management and assessment within a large, multi-tenant enterprise data center environment. The successful candidate will have in-depth experience with Tenable Security Center and Tenable I.O., leveraging these tools to run comprehensive vulnerability and compliance scans, interpret findings, and engage with operational teams to successfully mitigate identified vulnerabilities.The ideal candidate will also be responsible for setting up and maintaining a continuous monitoring program for vulnerability assessments, ensuring proper integration with the Department of Homeland Security's Continuous Diagnostics and Mitigation (DHS CDM) program, and collaborating closely with the CDM team to ensure accurate reporting and feed capture to the CDM dashboard.If you have a passion for cybersecurity, a strong background in vulnerability assessment, and the ability to work cross-functionally to enhance the security posture of a large enterprise, we encourage you to apply!Day to Day Work Responsibilities:Vulnerability Assessment:• Conduct regular vulnerability assessments, including comprehensive scans for vulnerabilities and compliance issues within a large, multi-tenant enterprise data center environment.• Utilize Tenable Security Center and Tenable I.O. to configure, execute, and analyze vulnerability scans across both internal and external systems.• Interpret scan results, prioritize vulnerabilities based on severity and risk, and engage with the operations team to develop effective remediation strategies.• Continuous Monitoring Program:• Lead the setup, implementation, and management of a continuous vulnerability monitoring program.• Work closely with the DHS CDM team to ensure that relevant data feeds are being captured and accurately reported to the CDM dashboard.• Collaborate with the team to enhance the visibility of vulnerabilities and compliance posture through effective use of automated monitoring and alerting tools.• Vulnerability Remediation & Mitigation:• Act as the subject matter expert in vulnerability remediation processes, providing guidance to the operations and IT teams for mitigating identified vulnerabilities.• Facilitate and track vulnerability remediation efforts, ensuring adherence to established timelines and risk management protocols.• Monitor progress of remediation actions and provide status updates to management, stakeholders, and compliance teams.• Collaboration & Reporting:• Work with cross-functional teams, including infrastructure, operations, and compliance teams, to ensure vulnerabilities are remediated and mitigated in a timely and efficient manner.• Provide detailed, actionable reporting and analysis of vulnerability trends, risk assessments, and remediation status to senior management and stakeholders.• Participate in vulnerability triage meetings, providing technical expertise and guidance to team members and other departments.• Tool & Process Improvement:• Continuously evaluate and improve vulnerability management tools, processes, and techniques.• Provide feedback on improvements to the Tenable Security Center and Tenable I.O. configurations and workflows, ensuring the tools are optimized for the organization's needs.• Stay updated on emerging threats and vulnerabilities, proactively recommending strategies to address new and evolving risks.• Documentation & Compliance:• Maintain thorough documentation of vulnerability management processes, remediation steps, and compliance activities.• Ensure that vulnerability management processes align with industry best practices and compliance requirements, including DHS CDM, PCI-DSS, HIPAA, and others.QualificationsBasic Qualifications:• 2 years with BS/BA; 0 years with MS/MA; 6 years with no degree• Hands-on experience with Tenable Security Center and Tenable I.O., including setting up and running vulnerability and compliance scans, interpreting results, and taking actions to mitigate risks.• Proficiency in networking technologies (TCP/IP, DNS, DHCP, HTTP/HTTPS, etc.), network security protocols, and firewall configurations.• Strong working knowledge of operating systems (Linux, Windows, Unix) and their associated vulnerabilities.• Expertise in using vulnerability scanning tools (preferably Tenable products) and working with enterprise-level vulnerability management platforms.• Knowledge of DHS CDM and experience working with security monitoring and compliance platforms.• Ability to analyze complex vulnerability data, prioritize remediation efforts, and translate findings into actionable insights for both technical and non-technical stakeholders.• U.S. Citizenship required; Must have the ability to obtain and maintain a Public Trust clearancePreferred Qualifications:• Certifications (one or more of the following is a plus):• CISSP (Certified Information Systems Security Professional)• CISA (Certified Information Systems Auditor)• CEH (Certified Ethical Hacker)• CompTIA Security+ or other relevant certifications in security, networking, or vulnerability management.• Bachelor's degree in a STEM field (Science, Technology, Engineering, or Mathematics) or a related discipline, and minimum 5 to 7 years experience in vulnerability management, with a strong background in providing vulnerability assessment services within a large, multi-tenant enterprise data center.• Familiarity with additional vulnerability management platforms (e.g., Qualys, Rapid7 Nexpose) or SIEM tools (e.g., Splunk, IBM QRadar) is a plus.• Experience working with cloud security and vulnerabilities in cloud platforms (e.g., AWS, Azure, Google Cloud) is beneficial.• Strong written and verbal communication skills, including experience creating reports, presentations, and detailed documentation.• Demonstrated ability to work cross-functionally with teams from various disciplines (security, operations, infrastructure, etc.) to achieve common goals and resolve complex issues.• Strong problem-solving skills, with the ability to manage multiple tasks, prioritize effectively, and work under pressure in a fast-paced environment.Working Conditions• Full-time position located at a govt facility in MS or remote• Occasional on-call availability and flexibility may be required for incident response or critical vulnerability assessments.• Collaborative team environment with opportunities for professional growth and training.Peraton OverviewPeraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.Target Salary Range$80,000 - $128,000. This represents the typical salary range for this position based on experience and other factors.We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.