Senior Unix and Linux Vulnerability Analyst
About the role
PD Inc International is seeking an experienced and mission-driven Senior Unix and Linux Vulnerability Analyst to provide Cybersecurity Management support in a U.S. government (DoD) environment.
Responsibilities
Serve as a UNIX and Linux technical specialist for assets connected to isolated environments, NIPRNet and SIPRNet to support cybersecurity and IT services.
Review, identify, and report problems with the installation and operations of UNIX and Linux assets to include system options, software used and not used, default security controls that are enabled, disabled, or bypassed, and system wide options or parameters that may create security vulnerabilities.
Determine the impact and risk of submitted change requests prior to implementation and participate in CAB meetings to provide cyber oversight for UNIX and Linux changes that affect the level of risk.
Recommend security countermeasures to mitigate identified UNIX and Linux risks.
Identify, monitor, analyze, report, and brief status of J-9 HaC vulnerabilities.
Ensure high risk and high severity vulnerabilities are managed with increased visibility and escalated.
Analyze, validate, monitor, and report compliance status of DoD and DISA directives and orders.
Create, maintain, and provide automated and customized vulnerability reports.
Analyze mission requirements and organizational feedback to improve vulnerability reports and processes.
Provide recommendations for UNIX and Linux vulnerability analysis, guidance, deficiency resolution, and implementation suggestions to DISA Customers and Strategic Partners.
Assess, audit, review, analyze, validate, and report UNIX and Linux SRG and STIG vulnerabilities, and ensure security controls are implemented within UNIX and Linux IAW DoD, DISA and cybersecurity policies and procedures.
Evaluate discrepancies as they relate to policy, orders and UNIX and Linux SRG and/or STIGs, and document recommended additions, deletions, or changes.
Identify and report the need to add technical guidance for modification of policies and orders.
Review and validate the installation and configuration of cyber tools on assets, and report deficiencies.
Review UNIX and Linux SRG and/or STIGs as updates are released, and report changes with the potential to have significant impact.
Conduct audits and provide documentation.
Review, coordinate, approve temporary use, and verify removal of network monitoring software for troubleshooting on UNIX and Linux assets IAW DISA policy.
Qualifications
Pursuing bachelor's degree or equivalent work experience
Five + years of relevant/recent experience with UNIX (HP-UX, Solaris or AIX) or Linux (RedHat) and cybersecurity.
Three + years of relevant/recent experience with Microsoft Office Products.
Current 8570/8140 requirement certification
Active Secret Clearance
Benefits
Highly competitive salary, 401K, health care, paid time off, no-limit Student loan forgiveness (merit based), and sponsorship for Security Clearance.
Casual dress code, free parking, corporate discounts, and gym memberships available.