Vulnerability Analyst I

Overview

Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism.

Vulnerability Analyst will scan, analyze and report compliance of systems and network infrastructure on the regional and theater level. Seeks to protect and defend information and information systems by ensuring confidentiality, integrity with non-repudiation, authentication, and availability. Reports to the RCC-SWA Cybersecurity Manager. Program: OMDAC-SWACA.

This position offers company-paid housing and transportation, a completion bonus and tuition reimbursement program

You must satisfy all host country requirements to legally work in the host country in order to be qualified for this position.

Responsibilities

• Plan, coordinate, review, analyze and provide feedback to customers on weekly vulnerability scans (i.e. - Retina coordinator/analyst, REM server administrator).
• Survey network diagrams and other artifacts, utilize network visualization tools and assist in determining if vulnerability scans are being conducted on all network assets; help identify means of overcoming gaps in vulnerability scanning.
• Prepare and assist in the preparation of vulnerability scanning reports to commanders and high headquarters; liaison with IAVM manager and IAPM regarding vulnerability and remediation issues.
• Develop plans and recommend tools for the vulnerability scanning of all Tier II network assets, regardless of type.
• Monitor INFOCON status and maintain awareness of all INFOCON requirements; assess current architecture and computer assets for INFOCON compliance.
• Develop reporting mechanisms for current INFOCON requirements and compliance of all subordinate elements and customer equipment on all networks.
• Generate and update reports for all areas of responsibility, interact with Host Based Security System (HBSS) administrators in order to leverage INFOCON enforcement and compliance capabilities.
• Serve as HBSS administrator for SWACC and serve as web developer, as required, for reporting tools.
• Review IAVA report and coordinate with all subordinate elements to remediate accordingly.
• Provide updated Patch for remediation and Firmware updates based on vendor distribution.
• Performs other duties and assignments as required.

Qualifications

• Security Clearance:
  • Requires an active Secret Clearance.
• Education / Certifications:
  • Bachelor's Degree or equivalent experience preferably in Computer Science or MIS, IS, Engineering or related field. One-year related experience can be substituted for one year of education if the degree is required.
  • This position requires candidates to adhere to DoD 8570.01M. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline certifications cannot also be used as a Computing Environment (CE) certification.
  • The authorized certifications for this job title are listed as follows:
• IAT Level: IAT III
• BASELINE:
  • Cisco: CCNP: Certified Network Professional - Security
  • CompTIA: CASP+ ce: Advanced Security Practitioner
  • GIAC: GCED: Certified Enterprise Defender
  • GIAC: GCIH: Certified Incident Handler
  • ISACA: CISA: Certified Information Systems Auditor
  • ISC2: CCSP: Certified Cloud Security Professional
  • ISC2: CISSP (or Associate): Certified Information Systems Security Professional
• COMPUTING ENVIRONMENT (CE):
  • Cisco: CCIE: Certified Internetwork Expert (Any)
  • Cisco: CCNP: Certified Network Professional (Any)
  • DISA: ACAS: Assured Compliance Assessment Solution 5.3 (or current version)
  • EC Council: CEH: Certified Ethical Hacker
  • EC Council: CIH: Certified Incident Handler
  • EC-Council: CHFI: Certified Hacking Forensic Investigator
  • EC-Council: CND: Certified Network Defender
  • GIAC: GCIH: Certified Incident Handler
  • Microsoft: 365 Certified: Enterprise Administrator Expert
  • Microsoft: Certified: Azure Associate (Any)
  • Microsoft: Certified: Azure Expert (Any)
  • Microsoft: MCSA: Cloud Platform
  • Microsoft: MCSA: Windows Server 2016
  • Microsoft: MCSE: (Any above 2012)
  • Microsoft: MCSE: Cloud Platform and Infrastructure
  • Microsoft: MCSE: Data Management and Analytics
  • Microsoft: MCSE: Productivity Solutions Expert
  • Red Hat: RHCA: Certified Architect
  • Red Hat: RHCE: Certified Engineer
  • Red Hat: RHSA: Certified Systems Administrator
• Experience:
  • At least three (3) years of practical experience working with various data (network and system) technologies, with a minimum of two of those years focused on security.
  • Knowledge of certification tools preferred.

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.