Vulnerability Engineer
ECS Corporate Services

ECS is seeking a Vulnerability Engineer to work in our Fairfax, VA office.

Job Description:

As a leading managed cybersecurity services provider, ECS delivers a highly tailored and customized offering to each customer. Our team is responsible for protecting the ECS corporate and customer networks. Our mission is broad, and our team is agile. We will leverage your unique skills to help solve customers' challenges, such as engineering a system to address a technical hurdle, protecting customer data, or consulting on a wide range of security topics. You are empowered to engage and lead across multiple groups and must have the self-sufficiency and focus to work well without constant oversight.

Our Vulnerability Management Engineers support our commercial customers on behalf of the ECS MSP. They are responsible for driving the strategy, evaluation, process, execution, and operations of ECS' Vulnerability Management Program.

Required Responsibilities:

• Perform vulnerability management scans across customer systems. Continually optimize vulnerability scan frequencies, ensuring they are in sync with customer remediation cycles.
• Manage vulnerability scans to ensure all infrastructure is being covered via network based scanning and local based scanning (agent)
• Understanding of network routing to ensure network scans will run properly based on scanner placement
• Ability to deploy necessary scanning tools to customer environments and/or customer endpoints
• Conduct research on the latest vulnerabilities and exploits. Implement a risk-based vulnerability approach that strategizes and enables efforts to treat vulnerabilities that are relevant, exploitable, and possess significant business risk.
• Extensive experience in working with organized patching teams to identify, assess and remediate vulnerabilities is required
• Extensive experience in working with ongoing process improvements to a large-scale vulnerability management program is required
• Information security subject matter expert
• Windows and Linux System Engineering/administration background
• Identify and understand vulnerabilities in systems, applications, and networks.
• Conduct custom vulnerability assessments.
• Develop effective strategies to tackle security threats based on varying customer environments.
• Ability to research and engage in creative solutions for out of box problems
• Conduct network security audits and scanning on a predetermined basis.
• Use automated tools (e.g. Tenable) to pinpoint vulnerabilities and reduce time-consuming tasks.
• Use manual validation techniques and methods to gain a better understanding of the environment and reduce false positives (e.g. Nmap)
• Ability to write vulnerability reports and discuss in depth with customers how and why they're effected
• Prepare and present operational and executive metrics that measure performance, prompt actions, and convey the value delivered by the vulnerability management capability

Required Skills:

• Bachelor's degree; preferably in Computer Science, Information Security, or a related field.
• Knowledge of multiple Vulnerability Management platforms (Qualys, Tenable, Rapid 7, etc.)
• Knowledge of multiple Patch Management systems. (SCCM, Jamf, Tanium, etc.)
• Familiar with DevOps tools/methods including tools such as GIT, Ansible, & Jenkins.
• Familiar working in an Agile and Waterfall project methodology.
• Hands on experience with LINUX and Windows administration.
• Security Experience with Cloud Technologies (Azure, AWS, GCP).

Desired Skills:

• Possess an industry certification, such as Certified Ethical Hacker (CEH), GIAC Web Application Penetration Tester (GWAPT), CompTIA Cybersecurity Analyst (CySA+), GIAC Certified Vulnerability Assessor (GCVA), etc.
• Vendor Certifications: Tenable Certified Nessus Auditor, Rapid7 Nexpose Certified Administrator, Rapid7 Metasploit Pro Certified Specialist, QualysGuard Certified Specialist, etc.
• Prior experience performing vulnerability management within an MSSP.

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, sex, age, sexual orientation, gender identity or expression, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, status as a crime victim, disability, protected veteran status, or any other characteristic protected by law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

General Description of Benefits

This job has expired.