SonicJobs Logo
Left arrow iconBack to search

NIH - Vulnerability Analyst

cFocus Software Incorporated
Posted 5 days ago, valid for a month
Location

Bethesda, MD 20824, US

Salary

Competitive

Contract type

Full Time

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Sonic Summary

info
  • cFocus Software is hiring a Vulnerability Analyst to support the National Institutes of Health (NIH) in a fully remote position.
  • Candidates must have a Public Trust Clearance and a B.S. in Computer Science, Information Technology, or a related field.
  • The role requires a minimum of 7 years of experience in vulnerability assessments or vulnerability management programs.
  • Key responsibilities include directing vulnerability scanning activities, developing management strategies, and analyzing scan results to improve cybersecurity posture.
  • The salary for this position is not specified, but it involves managing critical vulnerabilities and coordinating remediation efforts.
cFocus Software seeks a Vulnerability Analyst to join our program supporting the National Institutes of Health (NIH). This position is fully remote. This position requires a Public Trust or the ability to obtain a public trust clearance.
Qualifications:
  • Public Trust Clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 7+ years with vulnerability assessments or vulnerability management programs.
  • Experience managing enterprise vulnerability scanning solutions.
  • Experience with penetration testing efforts.
  • Experience supporting Federal cybersecurity programs.
  • Experience with RMF, FISMA, and NIST guidance.
  • Experience developing executive cybersecurity reports.
  • Ability to obtain and maintain NIH suitability/background investigation.

Duties:
  • Direct vulnerability scanning activities across NIH enterprise systems.
  • Develop enterprise vulnerability management strategies.
  • Establish vulnerability assessment priorities based upon risk.
  • Continuously improve enterprise vulnerability management capabilities.
  • Analyze enterprise vulnerability scan results.
  • Perform vulnerability prioritization using risk-based methodologies.
  • Identify critical vulnerabilities requiring immediate remediation.
  • Evaluate exploitability and business impact.
  • Conduct root cause analysis.
  • Validate corrective actions.
  • Track vulnerability trends and recurring issues.
  • Coordinating remediation efforts with System Owners.
  • Tracking remediation progress.
  • Monitoring SLA compliance.
  • Escalating critical vulnerabilities within required timeframes.
  • Validating remediation completion.
  • Supporting risk acceptance processes.
  • Reducing enterprise cybersecurity risk.
  • Monitoring aging vulnerabilities.



Learn more about this Employer on their Career Site

Apply now in a few quick clicks

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.