28 Oct
Systems Administrator 3 - Cyber Vulnerability
Washington, Vancouver , 98662 Vancouver USA

Vacancy expired!

Title: Systems Administrator 3 - Cyber VulnerabilityDuration: One Year Contract w/four optional years probableLocation: Vancouver, WA - Remote after mandatory office-based orientation, but eventually convert to 100% onsite after the pandemic are considered due to federal government requirementSummaryThe SA3 in this position will perform systems analysis, interfacing with users to support functional requirements development, analysis of tools and techniques to support the development, troubleshooting, analysis, performance monitoring, and improvement of systems used by the Operations functions.- This System Administrator 3 position provides Data Call response and Cyber Vulnerability Assessment (CVA).- The CVA team consists of an assessor and a business systems analyst.- This position will perform scanning in conjunction with the CVA assessor.- This position requires someone with an in-depth attention to detail and the ability to take various sources of data in order to perform full vulnerability assessments.Responsibilities:Control Center Cyber Vulnerability Scanning:- Define, identify, and classify the security holes (vulnerabilities) in a computer, network, or communications infrastructure.- Interact with business units to discover, triage and resolve security vulnerabilities with manual and automated tools to enforce security criteria as part of a Secure Development Life Cycle on a continuous basis.- Research and investigate new and emerging vulnerabilities.- Analyze vulnerabilities in order to appropriately characterize threats and provide remediation recommendations.- Forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.Assist in Conducting vulnerability assessments (application and/or infrastructure) and articulate security issues to technical and non-technical audience.- Conduct vulnerability assessments using tools such as; NMAP, Nessus, or other related tools.- Alert the team manager of any concerns.- Operate and analyze results of open source security tools and vulnerability scanners including Wireshark, ngrep, nmap, and SnortVulnerability Scanning:- Configure vulnerability assessment tools, as well as perform scans, research and analyze vulnerabilities, identify relevant threats, corrective action recommendations, summarize and report out results.- Identify critical flaws in applications and systems that cyber attackers could exploit- Conduct vulnerability assessments for networks, applications and operating systems- Use automated tools (e.g. Nessus) to pinpoint vulnerabilities and reduce time-consuming tasks- Use manual testing techniques and methods to gain a better understanding of the environment in order to reduce false negatives- Develop, test and modify custom scripts and applications for vulnerability testing- Manually validate report findings to reduce false positives- Compile and track vulnerabilities over time for metrics purposes- Write and present comprehensive Vulnerability Assessments on new systems.- Review and define requirements for information security solutions- Supply hands-on training to network and system administrators of the vulnerability scanning program.- Develop and maintain a vulnerability assessment database- Perform trend and analysis of vulnerability scan data- Generate reports that identify security posture of the base (i. e. deficiencies, history of repeats, etc.)- Develop and draft Transmission Operations Standard Operating Procedures (SOPs), checklists, guides, best practices and procedures for conducting vulnerability assessments- Automate procedures using scripts, Sequel (SQL)/database administration, or other available technologyEducation & Corresponding Experience (required):A degree in Computer Science, Information Technology, or a directly-related technical discipline is preferred.- With an applicable Associates or Bachelor's degree, 8+ years of experience is required.- Without an applicable degree or with no degree: 10+ years of experience is required.Experience includes a minimum combination of work-related experience, on-the-job training, and/or vocational training. Experience should be consistent with the specific requirements of Computer/Information Technology or related field and progressively more technical in nature.Required Technical Skills & Experience (required):Two plus years' experience with the following:- Classes of vulnerabilities, appropriate remediation, and industry standard classification schemes (CVE, CVSS, CPE)- Linux and Windows operating systems, including common programming or scripting languages- Devising methods to automate testing activities and streamline testing processes- Knowledge of patching programs of major hardware/software manufacturers. - Knowledge of secure configuration and hardening of systems- Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools)- Knowledge of security vulnerabilities, application analysis, and protocol analysis- Knowledge of network topology, communication protocols, firewalls, proxies and IDS systems to affectively configure scanning softwarePreferred Skills & Experience (optional):- Experience setting up and administering an enterprise cyber vulnerability scanning and assessment infrastructure.- Experience administering computer systems in a 24/7 high availability operational environment.- Experience using specific technologies such as Splunk- Experience administering Tenable.sc and NessusEverest Consultants is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by applicable local, state or federal civil right laws.

Vacancy expired!


Report job