226 to 250 of 284 Permanent Vulnerability Assessment Jobs

crucial in maintaining and developing our Information Security (IS) program and ensuring compliance with established security policies and procedures. The ISSO will be responsible for overseeing operational security implementation, vulnerability management, system assessments, and recovery processes. The ideal candidate will play a key role in safeguarding critical information systems and contribute to a comprehensive security posture. Essential Duties and … validate adherence to security standards. • Promote awareness of security issues across the organization. • Provide ongoing training to ensure all staff understand their security responsibilities. • Prepare technical documents, incident reports, vulnerability assessments, and other situational awareness information for key stakeholders. • Assist in ensuring systems and configurations comply with security guidelines and regulatory requirements. • Monitor and validate compliance through continuous security … assessments and audits. • Conduct system vulnerability scanning, configuration assessment, and remediation to maintain system integrity and security. Qualifications: • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field is required. • Proven experience in cybersecurity, risk management, or information security roles, particularly in relation to system security, vulnerability management, and compliance activities. • Strong knowledge of More ❯

security, and consultancy. They focus on proactive system health checks, monitoring, and intervention to ensure smooth business operations. Additionally, their IT security services help protect data and networks through vulnerability assessments, risk mitigation, and business continuity planning Apply now! Or email your CV to Referrals: If this role is not right for you, do you know someone that might More ❯

Milestones (POA&Ms) to address identified cybersecurity gaps, ensuring alignment with applicable STIGs. - Assist in performing Risk Assessments using tools like ACAS, Nessus, and SCAP, and generate thorough Risk Assessment Reports (RARs). - Contribute to the preparation, review, and organization of Assessment and Authorization (A&A) packages ensuring completeness, consistency, and accuracy across documentation sets. - Maintain and update … entries in eMASS and deliver other cybersecurity-related documentation in MS Office or Visio formats. - Coordinate with Red and Blue Teams on vulnerability assessments and incident response activities. - Assist with technical writing tasks related to security documentation, policies, and system accreditation deliverables. Required Qualifications: - 5-7+ years in related experience - Prior experience with Navy or US Coast Guard … RMF/Cyber - Demonstrated understanding of NIST SP 800-series and DoDI/DoD 8500-series frameworks. - Hands-on experience with IA vulnerability assessments and tools such as NMap, ACAS/Nessus, and SCAP utilities. - Must meet IAT/IAM Level II certification requirements (e.g., Security+ CE, CAP, CISSP). - Solid communication and interpersonal skills to facilitate collaboration across More ❯

of the position include: Design and build resilient Cloud infrastructures that are protected against security threats Develop and assess Cloud security solutions to secure systems, databases and networks Conduct assessment and make recommendations to ensure that appropriate controls are in place Gain insight into security incidents and threats by monitoring/analyzing logs and performing vulnerability assessments Participate More ❯

o Reverse Engineering: • Analyze, decompile, and reverse-engineer software binaries to understand vulnerabilities and potential exploits. • Develop proof-of-concept exploits to demonstrate potential vulnerabilities in targeted systems. o Vulnerability Research • Identify, analyze, and document software vulnerabilities. • Collaborate with team members to develop mitigations and workarounds for discovered vulnerabilities. o System and Network Analysis: • Conduct network traffic analysis to … Participate in design and code reviews to ensure adherence to best practices and standards. o Documentation: • Prepare detailed technical documentation and reports, including user guides, system design documents, and vulnerability assessments. • Ensure all documentation is clear, concise, and accessible to team members and stakeholders. Required Qualifications: o Clearance: Active TS/SCI with Full Scope Polygraph is mandatory. o More ❯

on secure cloud architecture, policy implementation, and threat mitigation strategies. Provide direct support for compliance with NIST Risk Management Framework (RMF), FISMA, and relevant cybersecurity directives. Manage and oversee vulnerability assessments, system audits, and incident response planning. Support the integration of security controls including STIGs, SCAP, IAVA compliance, and policy documentation. Collaborate with leadership to ensure cybersecurity is embedded … the following certifications: CISM, CISSO, FITSP-M, GCIA, GCSA, GCIH, GSLC, GICSP, CISSP-ISSMP, CISSP Desired Qualifications: 8+ years of experience analyzing, assessing, and implementing corrective actions based on vulnerability management and penetration testing. 8+ years of experience supporting DoD defensive cyber operations including but not limited to, information system protection, defense, response (incident handling), reporting and recovery. EEO More ❯

/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems ⁠Design, implementation, configuration, and enforcement of security controls More ❯

/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems ⁠Design, implementation, configuration, and enforcement of security controls More ❯

/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems ⁠Design, implementation, configuration, and enforcement of security controls More ❯

/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems ⁠Design, implementation, configuration, and enforcement of security controls More ❯

/or MITRE D3FEND frameworks to assess and improve threat detection and response strategies Conduct advanced threat intelligence analysis, identify emerging potential threats, and provide threat intelligence recommendations Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) and other security tools Analyze vulnerability findings and develop remediation plans Remediate vulnerability findings by implementing vendor patches … virtualization Application of DoD cybersecurity policies and use of DoD security tools MITRE ATT&CK or MITRE D3FEND frameworks Threat intelligence assessments and identification of emerging potential threats Performing vulnerability assessments with ACAS Remediation of vulnerability findings to include implementation of vendor patches on both Linux and Windows Operating systems ⁠Design, implementation, configuration, and enforcement of security controls More ❯

computer networking concepts and protocols, as well as network security methodologies. The ISSO/Systems Security Engineer will be responsible for identifying and mitigating vulnerabilities in security systems, conducting vulnerability scans, and applying system, network, and operating system hardening techniques. Responsibilities Key Responsibilities: Conducting vulnerability scans and recognizing vulnerabilities in security systems. Using DoD network analysis tools to … identify vulnerabilities (e.g., ACAS, HBSS, etc.). Conducting application vulnerability assessments. Identifying systemic security issues based on the analysis of vulnerability and configuration data. Sharing meaningful insights about the context of an organization's threat environment that improve its risk management posture. Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation … . Troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution. Performing impact/risk assessments. Required Skills: Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems. Skill in using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.). Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies More ❯

trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorised access and potential threats • Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. • Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations More ❯

trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorised access and potential threats • Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. • Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations More ❯

Manager to lead the development and implementation of a cyber risk management programme. Key Responsibilities Design and deliver a robust cyber security risk management framework. Conduct regular risk and vulnerability assessments. Work collaboratively across departments to define risk tolerance and align with strategic objectives. Analyse cyber security data to identify risks and recommend mitigation strategies. Maintain comprehensive risk documentation … cyber security risk management role. Strong understanding of cyber security frameworks and standards (ISO 27001, SOC2, NIST, GDPR). Excellent analytical, communication, and stakeholder engagement skills. Proficient in risk assessment tools and methodologies. Professional certifications such as CRISC, CISM, or CISSP are desirable. Bright Purple is an equal opportunities employer: we are proud to work with clients who share More ❯

operators and program offices in assessing acceptable risks to missions caused by cybersecurity deficiencies in systems and programs. • Utilizes all information collected to create and deliver an Operational Risk Assessment (ORA) and Asset Defense Plan (ADP) • Analyzes MRT-C results against mission system vulnerabilities and cyber threats to identify Key Terrain - Cyber for each USSF Mission. • Provides mission analysis … in-depth architecture against known vulnerabilities • Must have knowledge and experience to support analysis tasks • Must have extensive knowledge of Mission Assurance disciplines to include risk management, mission mapping, vulnerability assessments, and defensive cyber capabilities • Must have a detailed understanding of mission analysis techniques, FMA-C methodologies, and mission dependencies • Must have the ability to solve complex problems involving More ❯

Cyber Artifacts Management: Manage and assess cyber artifacts to ensure proper documentation and readiness for cyber assessments. • Cyber Testing: Develop, execute, and analyze cyber testing efforts including penetration tests, vulnerability assessments, and cybersecurity audits. • Risk Management Framework (RMF) Implementation: Guide and support the implementation of the RMF process, including categorizing information systems, selecting security controls, and managing security control … Security Technical Implementation Guides (STIGs) and maintain up-to-date security configurations. • Obtain ATO: Coordinate efforts across teams to prepare systems for ATO through proper documentation, risk assessments, and vulnerability remediation. • Collaboration: Work closely with program managers, engineers, and clients to ensure alignment with project goals and compliance with cybersecurity best practices. • Documentation & Reporting: Assist in the creation of … field. • Experience: 5+ years of experience in cybersecurity engineering, cyber risk management, or cyber testing. • Technical Expertise: Demonstrated experience with RMF, STIGs, and ATO processes. Hands-on experience with vulnerability management tools, penetration testing, and cyber defense technologies. • Communication: Strong ability to produce clear, concise technical reports, and provide briefings to clients and leadership. • Security: Experience working on classified More ❯

focused, and motivated candidate who can adapt to a constantly changing environment. What you will do - Manage and maintain a complex server-based enclave. Performing and mitigating system scans, vulnerability management activities, and active directory configuration. - Plan and implement IT enhancements needed for system optimization. - Identify and remediate hardware and/or software issues. - Create and update clear, concise … and accurate incident resolution documentation. - Support overlapping projects and maintain good inter-departmental relations. - Communicate and publish statuses of system outages, as needed. - Manage information assurance vulnerability alerts (IAVAs) and system security scanning of equipment suites in accordance with System Security Plans. - Actively identify and initiate IAVA responses and system security scans for remediation, deploy IAVA patches and/… and comprehension, development, integration, configuring data inputs and forwarders, data management, and/or monitoring. - Experience with Network Security Technologies such as Multiple Domain, PKI, SSP, and/or Vulnerability Assessment. - Experience with High Assurance Internet Protocol Encryptor (HAIPE) devices for in-line Network Encryption. - Experience with Puppet, Docker/Rancher, SALT. All are welcome At August Schell, we More ❯

Partner with development, operations, and security teams to integrate security protocols seamlessly into the software development lifecycle. Design, build, and maintain CI/CD pipelines incorporating automated security testing, vulnerability assessments, and compliance checks. Develop and manage infrastructure as code (IaC) configurations, ensuring secure and scalable cloud resources and infrastructure. Conduct security assessments, code reviews, and penetration testing to … Terraform, CloudFormation, or Ansible. Strong scripting skills in languages such as Python and Bash for automation and integration. Proficiency with static code analysis, dynamic application security testing (DAST), and vulnerability scanning tools like Fortify and Acunetix. Knowledge: In-depth understanding of security frameworks (e.g., OWASP, NIST) and best practices for mitigating vulnerabilities. Familiarity with common threat vectors and experience More ❯

cyber security measures, best practices, and threat management. Develop and maintain documentation, including best practice guides and incident reports, to educate clients and team members on security awareness. Conduct vulnerability assessments and participate in the development of incident response protocols to enhance security posture. Offer technical guidance to team members, fostering a culture of continuous learning and improvement within … of the strategy plan Active innovation and improvement of internal policies and strategies Technical Skills Required: In-depth knowledge of Office 365 security features and best practices. Proficiency in vulnerability scanning tools and techniques. Solid understanding of networking principles, including TCP/IP, patching, and network security protocols. ISO27001 Implementation and understanding Exceptional report writing skills, with the ability More ❯

evaluating the effectiveness of implemented security controls across USAFA information systems in accordance with NIST SP 800-53A Rev. 5 and DoD RMF standards. Develop and maintain Security Assessment Plans (SAPs) for each assigned system, including assessment scope, testing schedule, security tools, control evaluation methods, and designated assessor personnel. Draft and coordinate Rules of Engagement (ROE) documents … for penetration testing and vulnerability scanning activities to ensure alignment with mission requirements and operational constraints. Conduct or oversee security control assessments for management, operational, and technical controls, leveraging interviews, evidence review, technical validation, and security testing. Document assessment results and risk impacts in the Security Assessment Report (SAR), providing a clear summary of control effectiveness, risk … posture, and any residual vulnerabilities. Support SAR preparation activities including: Vulnerability assessments and validation Security categorization reviews System Security Plan (SSP) analysis Risk issue resolution and remediation status reporting Preparation of SAR briefings, findings presentations, and meeting support materials Provide independent contributions to the Authorization to Operate (ATO) process by delivering the SAR, risk determinations, and supporting documentation for More ❯

Associate) CISSP GCED GCIH CCSP Responsibilities: Design, implement, configure, and enforce network security controls across routers, switches, firewalls, and endpoint devices Manage enterprise level of Active Directory (AD) Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool Configure and secure Cisco networking devices in accordance with DoD policies and Security Technical Implementation Guides (STIGs) Utilize packet … include the design, implementation, configuration, and enforcement of security controls on network, hardware, and software components and devices STIG implementation Management of enterprise level deployment of Active Directory Performing vulnerability assessments with the ACAS tool Configuration Cisco networking devices Analysis of network traffic utilizing tools such as Wireshark and tcpdump Troubleshooting network connectivity issues Implementation and management of firewalls More ❯

Associate) CISSP GCED GCIH CCSP Responsibilities: Design, implement, configure, and enforce network security controls across routers, switches, firewalls, and endpoint devices Manage enterprise level of Active Directory (AD) Perform vulnerability assessments using the Assured Compliance Assessment Solution (ACAS) tool Configure and secure Cisco networking devices in accordance with DoD policies and Security Technical Implementation Guides (STIGs) Utilize packet … include the design, implementation, configuration, and enforcement of security controls on network, hardware, and software components and devices STIG implementation Management of enterprise level deployment of Active Directory Performing vulnerability assessments with the ACAS tool Configuration Cisco networking devices Analysis of network traffic utilizing tools such as Wireshark and tcpdump Troubleshooting network connectivity issues Implementation and management of firewalls More ❯

are seeking a highly motivated Cyber-Security Engineer to safeguard our critical data and infrastructure from cyber threats by implementing and maintaining robust security solutions. Key Responsibilities Security Assessments & Vulnerability Management: Identifying weaknesses in systems and networks through vulnerability assessments and penetration testing. Implementing Security Solutions: Putting in place firewalls, intrusion detection systems (IDS), and other tools to More ❯

complex topics related to a variety of cyber threats. As required the Red Analysts (cyber) travel domestically and abroad to provide expert expertise and direct support of geographically separate vulnerability assessments. Specifically, the Red Analysts (cyber) are responsible for researching and identifying positions, access points, relationships, organizations, and other potential vulnerabilities in support of DoD Red Team operations. This … includes identifying adversarial cyber information for program objectives, identifying gaps in cyber architecture and developing cyber courses of actions on vulnerability assessments. Further, the Red Analysts (cyber) provide advice to tactical partner elements and red team personnel in planning adversarial cyber assessments. They are also responsible for implementing specialized training, advanced analytic skills and tools, and maintaining knowledge of … s cyber capabilities. Research the structure, ideology, intentions, tactics, and capabilities of adversarial cyber organizations to develop threat characterization Contribute constructively to cyber threat emulation. Identify information requirements, develop assessment cyber strategies and assist Red Team Program Leader collection plans, identify information sources, and develop and conduct research of publicly available information (PAI) in order to determine adversary cyber More ❯