This site uses cookies. To find out more, see our Cookies Policy

Security Analyst II - TVM in Reston, VA at Maximus, Inc.

Date Posted: 8/20/2018

Job Snapshot

Job Description

Responsible for the implementation, management, and operations of solutions that facilitate the Threat and Vulnerability Management (TVM) program. Core functions of TVM include Network Host Vulnerability Assessment (NHVA), Application Vulnerability Assessment (AVA), and penetration testing. Provides vulnerability data and analysis to the Information Security Office (ISO) and stakeholders throughout the enterprise. Collaborates with key business and IT leaders to integrate TVM solutions into existing business processes. Works directly with system owners to successfully remediate or mitigate identified vulnerabilities. Provides assistance to the incident response team, audits, HR, and legal compliance areas as related to risk assessment and computer/network forensics investigation. Works in partnership with all departments to integrate security controls into a cohesive architecture that sufficiently mitigates risk to the company. Develops and maintains a portfolio of TVM standards and procedures. The Ideal Candidate will Possess the Following Additional Education and Experience

  • •        Performs network vulnerability assessments to identify host vulnerabilities.


    •        Performs application vulnerability assessments to identify application vulnerabilities.


    •        Identifies, analyzes, and prioritizes vulnerability findings.


    •        Analyzes system configurations to identify possible security gaps and\or compliance violations.


    •        Establishes collaborative working relationships with internal resources to provide security assessments, reports, and recommendations.


    •        Performs other related duties as assigned.



EDUCATIONAL GUIDELINES

Bachelor’s Degree in Computer Science, Information Systems or the equivalent combination of education, training, or work experience. Professional certification such as Security+ or CEH is a plus.


GENERAL KNOWLEDGE, SKILLS & ABILITIES


  • Knowledge of IPv4 network architecture and core services
  • Knowledge of web application development and architecture
  • Knowledge of network security controls
  • Knowledge of vulnerability management
  • Experience with dynamic application security testing (DAST) tools
  • Experience with vulnerability management (VM) tools
  • Familiarity with OWASP Top 10
  • Familiarity with WASC Threat Classification
  • Familiarity with CVE
  • Familiarity with NIST SP 800-53
  • Experience with automated service ticketing systems
  • Excellent analytical, decision-making, and problem-solving skills
  • Must be able to multitask in a fast-paced environment with focus on timeliness, documentation, and communications with peers and business users alike.
  • Ability to communicate well, both verbally and in writing, to technical and non-technical audiences of various levels within MAXIMUS or outside the organization (executives, auditors, clients, etc.)
  • Results oriented, business focused, and successful at interfacing across multiple organizational units

EEO Statement EEO Statement: Active military service members, their spouses, and veteran candidates often embody the core competencies MAXIMUS deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We’re proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. MAXIMUS is an Affirmative Action/Equal Opportunity Employer. MAXIMUS provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.