ECS is seeking a Vulnerability Management Analyst (Mid-Level) to work in our Washington, DC office.

Job Description:

• Communicate appropriate vendor and scan system recommended solutions as part of comprehensive remediation solutions.
• Follow-up with owners to ensure remediation efforts are consistent with policy and escalate instances of noncompliance.
• Track progress of vulnerability remediation with responsible stakeholders and support teams.
• Work with Cybersecurity staff to troubleshoot performance and connectivity issues with network scanning and security assessment tools.
• Work with Cybersecurity staff to evolve the Security Operations continuous monitoring toolsets and reporting to provide better vulnerability insight.
• Research vulnerability impact or remediation. Provide comprehensive analysis back to leadership.
• Present vulnerability reports to cross-functional stakeholders, to include Cybersecurity leadership.

Required Skills:

• BS in related field.
• Perform vulnerability scans and develop applicable vulnerability reports for customer systems.
• Analyze scan results and engage with stakeholders to resolve identified vulnerabilities, document exceptions, and false positives.
• Experience operating vulnerability and compliance scanning tools such as WebInspect, Tenable Nessus Security Center, Tripwire, etc.
• Perform deep-dive analysis of vulnerabilities leveraging data from various sources; analyze data sources and provide recommendations for optimal reports.
• Perform configuration and deployment of vulnerability scanning and network assessment tools.

Desired Skills:

• Knowledge of security fundamentals, common vulnerabilities, vulnerability management, patch management, and configuration management best practices.
• Technical experience discovering, validating, and remediating network vulnerabilities.
• Familiarity with common exploitation techniques and the applications of Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS).
• Experience interpreting security advisories. Ability to leverage diverse sources to gain a technical understanding of a vulnerability, exploitation, and potential impact.

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000 employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.