Vulnerability Assessor

Location: Washington, DC
Date Posted: 08-15-2017
Lunarline is seeking Vulnerability Assessors with at least three (3) years of experience. Candidates must have experience doing hands-on vulnerability testing, test planning, coordination, analysis, and reporting.  This position requires a strong ethical hacking mindset with proven professional experience in assessing diverse network and system architectures in a comprehensive manner. The Vulnerability Assessor will report to a project lead or program manager and works with a fair amount of independence. The successful candidate will enjoy working in a dynamic, responsive, and collaborative environment. Experience and detailed technical knowledge in security engineering, secure architecture development, system and network security, authentication and security protocols, applied cryptography, and application security is essential. Must have the ability to communicate with and distill information from technical resources during formal and informal meetings.

Duties and Responsibilities
  • Coordinate and perform periodic vulnerability assessments
  • Create monthly risk reports
  • Perform emerging threat, investigative, and other requested scans as needed
  • Keep track of and review recurring scans to ensure completeness
  • Ensure data is present for weekly and monthly status reports for client
  • Responsible for carrying out or delegating technical tasks as required
  • Possesses knowledge of systems, applications of new technology in their field of specialization

Basic Qualifications:
  • Must be a US Citizen with the ability to pass a U.S. government public trust background check
  • At least three (3) years of experience performing information systems testing and analysis with an emphasis on vulnerability scanning using both manual and automated methods
  • Experience with industry standard testing tools and knowledge of the methods and techniques used during automated and manual testing
  • Possess an IT background with knowledge of defensive security measures, such as network defenses, system configuration hardening, intrusion detection, and endpoint security

Required Qualifications:
  • Three (3) years professional experience conducting vulnerability assessments
  • Strong experience with Tenable Security Center (Nessus)
  • Experience with other tools used for vulnerability testing such as Burp Suite and Netsparker
  • Experience with Microsoft Windows and Linux OSs
  • Excellent written and verbal communication skills, especially when dealing with large reports and datasets
  • A high standard of documentation and experience writing Rules of Engagement, security test plans, risk/vulnerability assessments, and findings reports
  • Ability to translate technical information into business impact for non-technical audiences

Desired Qualifications:
  • Five (5) years professional experience conducting vulnerability assessments
  • Experience with MS Windows Patching and system administration
  • Experience in Linux patching and system administration
  • Working knowledge of PowerShell scripting in automating routine tasks
  • High familiarity with report writing through Microsoft SQL Server Reporting Services
  • Other Microsoft, Linux, Cisco, or security certifications

Minimum Education and Certifications:
  • The following certifications (more than one is preferred): Lunarline, Inc. School of Cyber Security “Certified Expert” certifications, GCIH, GCED, GCWN, GCUX, GPEN, GXPN, GAWN, GMOB, GPYC, GWATP, OSCE, OSCP, OSEE, OSWE, OSWP, or CEH
  • Computer Science degree highly desirable but not required

Place of Performance:
  • Washington, DC
Lunarline is an equal opportunity employer. It is the policy of Lunarline that all employees and applicants for employment will be treated in all respects on the basis of their merit and qualifications and without regard to their race, color, national origin, age, disability, sexual orientation, religion, gender, military status, marital status or ancestry.
Lunarline participates in the E-Verify program. Therefore, any employment with Lunarline will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed
this job portal is powered by CATS