Centurion Consulting Group
Vulnerability Assessment Lead, Germantown, MD
The Vulnerability Assessment Lead will establish a program for use throughout NNSA, complete vulnerability assessments, identify opportunities for improvement, and communicate recommended solutions for addressing risk. The successful candidate should have familiarity with Law Enforcement/Counterintelligence (LE/CI) procedures, inter/intra-agency coordination, evidentiary procedures, and analysis. The consultant needs to be familiar with cyber defense capabilities. The ideal candidate must understand the lifecycle of network threats, attack vectors, and methods of exploitation as they relate to insider threat and the analysis of alleged fraud, waste & abuse.
- US Citizenship
- DoD TS, DOE Q clearance or the ability to obtain one within 3 months of award
- DoD 8570 IAT or IAM Level III certification
- Bachelor’s degree in a cyber related discipline and 8-10+ years of prior relevant work experience within IT/Cybersecurity
- Excellent communication skills with all levels of stakeholders
- Experience creating and publishing security-related alerts, bulletins, and notifications based on identified software and hardware vulnerabilities, and monitoring for compliance.
- Ability to continuously research emerging threats to the environment to disseminate the information to all stakeholders, immediately assess the known environment for presence of the vulnerability, and work with the enterprise networking teams to proactively block exploitation within the environment.
- Proficient in vulnerability scanning, tracking and remediation techniques
- Conducts, operates, and maintains assessments and the resulting Vulnerability Assessment (VA) data and reports
- Conducts Host-based and Network Vulnerability Assessments on a wide variety of endpoints to include ICS/OT, Database and Web based applications.
- Develop tactics, techniques, and procedures (TTPs) to combat newly discovered threats
- Proven ability to direct multiple contractor and subcontractor teams through project completion
- Prior experience serving as the RMF/Audit & Compliance Subject Matter Expert (SME) guiding and directing a team of risk assessment staff in the management and Service Level Agreement (SLA)-based performance of the enterprise cyber auditing services for the customer
- CISSP Certification
- DOE and/or NNSA site experience strongly preferred
- Knowledge of DOE and/or NNSA security policies and procedures
- Experience working in both Classified and Unclassified operations
- Experience working within Security Operation Center (SOC) and/or Managed Service environments
- 5+ years’ experience operationally managing an enterprise audit and compliance function within a government agency
- Knowledge of and/or experience with SD 205.1
- Travel up to 10%
Clearance: Current and Active TS
US Citizenship is required
Travel: < 10% (CONUS)
Centurion Consulting Group, LLC is an Equal Opportunity Employer EOE M/F/D/V
No third parties or subcontractors