Job Listing Description

Sr Information Assurance Specialist II

Description:
Sr Information Assurance Specialist II

Seeking an experienced Vulnerability Analyst to conduct both application and host vulnerability assessments, documentation, and management of correction actions. The Analyst will be responsible for assessing Raytheon’s web applications and supporting processes to ensure assessments and mitigating controls are consistent with risk tolerance. The Analyst will also be responsible for engaging with various enterprise and business process owners for the documentation, evaluation, and monitoring of current practices that are utilized in performing application vulnerability assessment services. This includes the development of methods to ensure the accurate identification, prioritization, and remediation of vulnerabilities.
The ideal candidate will have knowledge or experience in vulnerability assessments, vulnerability remediation and mitigation, and risk management as well as prior hands-on experience in cyber security operations.

Responsibilities: • Work with various internal Raytheon business customers to coordinate, conduct, and tune network and system vulnerability scans prior to deployment and when those systems are modified within pre-production and production environments. • Differentiate between vulnerabilities that are meaningful to the assessment and those that are not • Understand development opportunities on how data can be correlated using functionality provided by the tools’ API • Manage the administration and logistics of network vulnerability assessments including working knowledge of firewalls and problem solving to identify issues when they arise • Coordinate, manage, and track remediation of identified vulnerabilities with system administrators, system owners, and IT support staff through meaningful metrics. • Formally document and establish well-defined processes, procedures, remediation and mitigations strategies, and lessons learned from the application of system compensating controls. • Consult with and provide technical reviews as an enterprise vulnerability management analyst to Raytheon’s strategic initiatives and internal programs. • Support the sustainment and operations of vulnerability assessment infrastructure through refresh initiatives and annual planning; work with vendors of utilized tools to support future enhancement and support of sought after functionality Qualifications: • Advanced knowledge of system, firewalls, vulnerabilities and secure software development; Experience conducting vulnerability scans and interpreting results for IT staff and leadership. • Possess technical knowledge of cross-site scripting, SQL injection, certificate high-jacking, and related attacks; understanding of secure coding practices, systems STIGs and the effects of application hardening; hands-on experience with databases, web servers, and active web content; ability to correlate applications security events to systems to assess overall system risk posture. • Knowledge of secure development techniques including OWASP Top 10, tools, and methodologies. • Ability to develop and report enterprise-level metrics for vulnerabilities and remediation progress. • Ability to understand, demonstrate, and educate stakeholders on the real-world impact of threats to vulnerabilities in a given environment. • A firm understanding of information assurance, risk management, and IT security topics and the ability to communicate complex, technical concepts to technical and non-technical audiences. • Excellent social, verbal, and written communication skills, with demonstrated ability to effectively present analytical data and technical concepts to a variety of technical and non-technical audiences • Self-driven and fully accountable for independent effort performed as part of a geographically dispersed virtual team • Able to effectively manage multiple customer requests, assessments and meet customer expectations within established service levels. • Ability and willingness to accept direction, support leadership vision, and to serve as a point of contact directly supporting vulnerability assessments, system owners, and executives. • Ability and willingness to share on-call responsibilities, work non-standard hours, and travel when required. • Ability to attest to Code of Conduct and related Ethical Monitoring requirements • Desired Qualifications: • Practical experience administering and configuring information systems • Working knowledge of automated vulnerability assessment tools such as Tripwire IP360, Tenable Nessus, Qualys, HP WebInspect and similar tools. • A deep understanding of remediation and mitigation techniques of system and application vulnerabilities on an enterprise scale.
 
Job Number: 7854566
Job Location: Richardson, TX
Rate: $90-100 HR
Duration: 6 Months
Start Date: ASAP
Input Date: 12/13/2017
Firm Name: MIDCOM CORPORATION
Attention: Maurice Bradford
Address: 1275 N MANASSERO ST
City, State: ANAHEIM, CA 92807
Phone: 714/630-1999
800 Phone: 800/737-1632
Fax Phone: 714/459-7055
Email: maurice.bradford@midcom.com
Website: www.midcom.com

Previous Listing       Next Listing
Back to Abbreviated Search Results
Back to Complete Search Results
Back to Advanced Job Search

Phone: (425) 806-5200
Fax: (425) 806-5585
Email: staff@cjhunter.com
ContractJobHunter is a service of:
C.E. Publications, Inc.
P.O. Box 3006, Bothell, WA 98041-3006, USA
Disclaimer
The content of this website is Copyright 2017 C.E. Publications, Inc.