NIH - Vulnerability Analyst
cFocus Software Incorporated · Bethesda, MD · 2 wk ago
RemoteRemoteInformation TechnologyFull-time
Qualifications
- Public Trust Clearance
- B.S. in Computer Science, Information Technology, or a related field
- 7+ years with vulnerability assessments or vulnerability management programs
- Experience managing enterprise vulnerability scanning solutions
- Experience with penetration testing efforts
- Experience supporting Federal cybersecurity programs
- Experience with RMF, FISMA, and NIST guidance
- Experience developing executive cybersecurity reports
- Able to obtain and maintain NIH suitability/background investigation
Duties
- Direct vulnerability scanning activities across NIH enterprise systems
- Develop enterprise vulnerability management strategies
- Establish vulnerability assessment priorities based upon risk
- Continuously improve enterprise vulnerability management capabilities
- Analyze enterprise vulnerability scan results
- Perform vulnerability prioritization using risk-based methodologies
- Identify critical vulnerabilities requiring immediate remediation
- Evaluate exploitability and business impact
- Conduct root cause analysis
- Validate corrective actions
- Track vulnerability trends and recurring issues
- Coordinate remediation efforts with System Owners
- Track remediation progress
- Maintain SLA compliance
- Escalate critical vulnerabilities within required timeframes
- Validate remediation completion
- Support risk acceptance processes
- Reduce enterprise cybersecurity risk
- Monitor aging vulnerabilities