Triumph Enterprises--Corporate Headquarters

  • Senior Vulnerability Analyst

    Job ID
    2019-2213
    Location
    US-MD-Bethesda
    Posted Date
    4 months ago(10/29/2019 2:33 PM)
    Category
    Information Technology
  • Job Description

    With employee ownership comes both responsibility and rewards. Beyond your technical expertise (outlined below), you must be resourceful, detail-oriented, and 100% client focused, with a continuing passion for your profession. The rewards of joining Triumph Enterprises will include competitive compensation, exceptional benefits, matching 401K, and professional/training development allowances that exceed many companies of larger size and stature. Triumph Enterprises is a “Best-in-Class” employer (as validated by HR Solutions). Built around four core values, our employees, managers and leadership team work collaboratively to grow and sustain a Triumph Culture where:

    • “Client focus” has earned the trust and loyalty of our valued clients.
    • “Integrity” has earned us a reputation for doing the right thing in all situations.
    • “Imagination” and innovation has created new and exciting opportunities for both our company and our people.
    • “Employee Engagement” has resulted in benefits, promotions from within, a balanced work environment, professional development/training, social opportunities, and a culture of empowerment where our employees are as equally valued as our clients. 

    Triumph Enterprises is looking for a Senior Vulnerability Analyst to join a Cyber Security Operations organization on a contract with a federal government client. Members of this team are highly motivated, self-driven, and are given great latitude to operate. Qualified candidates must have great initiative, a positive and healthy questioning attitude, and a drive to continuously help mature the vulnerability management program. This role affords the opportunity to work with a great team while serving a fulfilling mission.

    Responsibilities

    The successful candidate will work directly with the Client and support team members to:

    • Serve as a technical security analyst in a dynamic client environment.
    • Operate in a fast-paced environment using leadership skills and providing thoughtful ideas of process improvements and enhancements.
    • Conduct compliance and vulnerability assessments on a broad range of systems, including mainframe, UNIX, Windows, networking, databases, virtual environments, applications, and web servers.
    • Utilize both manual and automated methodologies to identify, assess, and report security risks.
    • Prioritize findings based on risk and document detailed corrective and remediation plans/actions.
    • Clearly communicate threat, vulnerabilities, and risk information to stakeholders in executive management positions as well as fellow technical staff and provide recommend solutions for client technical and security challenges.
    • Develop, enhance, and implement risk management strategies to support cybersecurity programs and engage with stakeholder partners to design and implement a holistic risk management strategy.
    • Facilitating communication between the Information Security Program, client Information System Security Officers (ISSOs), and system owners to address security issues and resolve vulnerabilities in a timely manner
    • Experience in a rapid paced, time sensitive, high quality environment.
    • Strong problem-solving capabilities and the ability to effectively communicate solutions.
    • Ability to take direction and achieve quality results, independently strive for personal excellence when completing tasks.
    • Strong customer service focus to meet the needs of internal and external customers.
    • Professional, pleasant, and polished demeanor.
    • Ability to work collaboratively with others.
    • Ability to maintain confidentiality of sensitive information within and external to Triumph, using own judgment.
    • Strong eye for small details that make a difference.

    Qualifications / Requirements

    • Bachelor's Degree and a minimum 8 years of experience, 5 in an Information Security environment.
    • Industry recognized Information Security Certifications (CISSP, Security+, CEH)
    • General knowledge of IT environments, information security, privacy, and threat and vulnerability management.
    • Knowledge of NIST SP 800 series and testing NIST 800-53 security controls
    • Ability to effectively present IT security risk to executive management, business and technical
    • Ability to work independently and as part of a multi-disciplined and dynamic team
    • Understanding of latest information security vulnerabilities
    • Excellent self-directing skills – ability to initiate, coordinate and prioritize responsibilities and follow through on tasks and projects
    • Excellent organizational, analytical and problem-solving abilities.
    • Proficient in MS Office (Word, PowerPoint, Excel) and MS Project
    • Excellent command of English language in speaking and writing
    • Experience in a rapid paced, time sensitive, high quality environment.
    • History of ethical performance.
    • Exhibit considerable client delivery, business development, and proposal development experience.
    • Strong management, teamwork, and interpersonal skills against difficult due dates and timelines.
    • Strong written and verbal skills to effectively communicate at all levels in government and industry.

    Desired Elements

    • Experience with Tenable’s product suite, specifically SecurityCenter, Nessus, Nessus Agents and Nessus Network Monitor
    • Experience with Vulnerability Management and Continuous Monitoring and Diagnostic operations.
    • Implement new technologies and infrastructure for enhanced database risk assessment capabilities
    • Coordinate and perform database assessments, analyze scan data, and prepare vulnerability reports for information systems
    • Experience implementing and maintaining database Configuration Management standards and baselines
    • Experience testing web applications using automated and manual testing methods.
    • Vulnerability Scanning: Tenable Nessus, Qualys, or Rapid7
    • Database Scanning: DbProtect or AppDetective
    • Application Scanning: Appscan, Netsparker or Burp
    • Proficient in MS Office (Word, PowerPoint, Excel) and MS Project
    • Proposal development experience
    • Knowledge of Federal contract vehicles
    • Presentation skills
    • Experience with government contracting firms supporting the Federal government.

    Company Overview

    Triumph is an employee-owned information technology (IT) company specializing in Program Management, Administrative Services, and Network and IT Support Services. Incorporated in Virginia in 2005, Triumph has risen to meet the Federal Government’s growing need for mission-critical Cybersecurity, Business Intelligence, Analytics, Data Visualization; and Program Management expertise and cultivated a track record of success. Our pursuit of excellence is driven by an emphasis on Client Focus, Integrity, Imagination, and Employee Engagement – the Core Values that motivate and inspire our leadership, business practices, and company culture. For more information on Triumph, visit http://triumph-enterprises.com/.

     

    Triumph participates in e-Verify. We provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee’s I-9 Form to confirm work authorization. Triumph is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status or any other status defined by law. Go to www.triumph-enterprises.com to learn more about Triumph.

     

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed