Senior Security Tools Administrator
Inserso Corporation · United States · 3 wk ago
RemoteRemoteInformation TechnologyFull-time
About the role
The Senior Security Tools Administrator supports enterprise IT and cybersecurity and operations within a large-scale DHS environment. This position is responsible for the administration, maintenance, optimization, reporting, and lifecycle management of enterprise security and monitoring platforms.
Responsibilities
- Security Tool Administration
- Administer, maintain, and optimize enterprise security platforms including Invicti, Nessus, Tenable Vulnerability Management, CrowdStrike Falcon, Entuity, and related security technologies.
- Support vulnerability management operations, including scan configuration, asset visibility, vulnerability analysis, remediation tracking, exception support, and compliance reporting.
- Maintain and troubleshoot vulnerability scanning infrastructure, scan schedules, credentials, authentication issues, scanner health, and data quality issues.
- Support web application and dynamic application security testing capabilities using Invicti or equivalent application security platforms.
- Administer infrastructure monitoring platforms such as Entuity to support network, server, and service availability monitoring.
- Administer or troubleshoot security and monitoring tools hosted on or integrated with Linux-based systems.
- Monitor tool health, investigate failed scans, incomplete data, sensor issues, agent issues, broken integrations, and reporting discrepancies.
- Ensure security and monitoring platforms remain patched, supported, compliant, and aligned with enterprise configuration standards.
- Cook up with vendors and internal technical teams to resolve platform defects, integration issues, and operational outages.
- Vulnerability Management and Compliance Support
- Analyze vulnerability and compliance data to identify trends, recurring issues, high-risk systems, aging vulnerabilities, and remediation gaps.
- Support reporting for vulnerability remediation, operational compliance, endpoint health, and security posture.
- Work with technical teams to validate remediation actions and improve vulnerability closure rates.
- Aid with customer-facing discussions related to vulnerability management, enterprise monitoring, compliance status, risk reduction, and tool performance.
- Support audit, inspection, and readiness activities by providing accurate system status, vulnerability, and compliance data.
- Reporting, Automation, and Integration
- Develop and maintain reports, dashboards, and recurring data products using Power BI, ServiceNow, Tenable VM, Invicti, Entuity, and other enterprise data sources.
- Use PowerShell, APIs, SQL, or other automation methods to improve reporting, data normalization, platform administration, and repeatable operational tasks.
- Integrate security tool data with ServiceNow, Power BI, MECM, Intune, and other enterprise platforms where applicable.
- Produce routine and ad-hoc reports for technical leads, customers, and management detailing accurate point-in-time system status, compliance posture, vulnerabilities, and operational risks.
- Identify opportunities to automate repetitive administrative tasks and improve tool reliability, reporting quality, and operational efficiency.
- Enterprise Operations Support
- Troubleshoot issues across Windows and Linux servers, workstations, servers, cloud environments, monitoring tools, vulnerability platforms, and endpoint management systems.
- Support day-to-day operations involving patching, compliance validation, endpoint security, vulnerability remediation, and monitoring.
- Manage and resolve ServiceNow ticket queues; perform trend and root-cause analysis to resolve recurring issues; document all work clearly in ServiceNow.
- Participate in customer meetings, technical working groups, vendor discussions, and internal planning sessions.
- Lead or contribute to technical discussions and develop required briefing materials to meet customer needs.
- Maintain a professional and collaborative work environment supporting team members, customers, stakeholders, and technical specialists.
- Provide weekly status updates to team leads.
- Must be a U.S. Citizen and pass the DHS Employment Eligibility Verification process.
- Associates degree in related field or equivalent experience.
- 10+ years of experience in IT support, systems administration, cybersecurity operations, security tools administration, or related technical field.
- 5+ years of experience supporting enterprise security, vulnerability management, or infrastructure monitoring platforms.
- 4 years of active complex PowerShell experience, including scripting for administration, troubleshooting, reporting, or automation.
- Experience administering Microsoft Windows Server 2019, 2022, 2025 and Linux server environments.
- Strong knowledge of Microsoft Windows 10 and Windows 11 desktop operating systems.
- Security, Vulnerability, and Monitoring Platforms.
- Experience administering or supporting vulnerability management platforms such as Tenable Vulnerability Management, Tenable.sc, Nessus, Qualys, Rapid7, or equivalent tools.
- Experience supporting enterprise monitoring platforms such as Entuity, SolarWinds, LogicMonitor, PRTG, or equivalent tools.
- Experience supporting endpoint security or EDR platforms such as CrowdStrike Falcon, Microsoft Defender for Endpoint, Carbon Black, SentinelOne, or equivalent tools.
- Analysis and Troubleshooting.
- Experience analyzing vulnerability scan results, remediation data, compliance trends, and operational risks.
- Experience troubleshooting failed scans, agent issues, credentialed scanning problems, sensor issues, and data quality discrepancies.
- Experience using APIs, data exports, or reporting tools to collect, normalize, analyze, or present operational data.
- Exposure to reporting using Power BI, SQL, Excel, ServiceNow reporting, or equivalent reporting platforms.
- Strong written and verbal communication skills with the ability to clearly explain technical issues to customers, stakeholders, vendors, and technical specialists.
- Ability to work independently in a remote environment while managing multiple priorities.
- Direct experience administering Tenable Vulnerability Management.
- Direct experience administering Invicti or another dynamic application security testing platform.
- Direct experience administering CrowdStrike Falcon.
- Direct experience administering Entuity.
- Direct experience administering or supporting Red Hat Enterprise Linux in an enterprise environment.
- Experience integrating security tools with ServiceNow.
- Experience developing Power BI dashboards for vulnerability management, compliance, endpoint health, tool performance, or executive reporting.
- Experience with REST APIs, PowerShell automation, JSON, CSV exports, SQL queries, or data normalization workflows.
- Experience supporting vulnerability remediation programs in a federal, DHS, DoD, or other large enterprise environment.
- Experience with vulnerability prioritization, risk-based remediation, exception tracking, and remediation validation.
- Experience supporting enterprise IT operations for 40,000+ endpoints across on-premises and cloud infrastructures.
- Experience with Microsoft Endpoint Configuration Manager, Microsoft Intune, or co-management in hybrid environments.
- Experience deploying or supporting endpoint agents, sensors, scanners, monitoring probes, or security platform connectors.
- Experience with Azure, AWS, or hybrid cloud environments.
- Experience with Azure Automation, AWS Systems Manager, PowerShell DSC, Ansible, or similar automation/configuration management tools.
- Experience using Windows Event Viewer, Windows Update logs, application logs, IIS logs, and platform-specific logs for troubleshooting.
- Experience creating technical documentation, SOPs, recurring reports, briefing materials, and customer-facing status updates.
- Experience working in ServiceNow ticketing system.
- Effectively communicate with customers, stakeholders, and technical specialists.