Trust in digital transactions and financial technologies is crucial for the smooth functioning of modern society. Neelam Kadbane, our next pathbreaker, Senior Vulnerability Analyst at Mastercard, identifies and addresses security vulnerabilities within Mastercard's environment & products by conducting network penetration tests. Neelam talks to Shyam Krishnamurthy from The Interview Portal about the innumerable challenges and the satisfaction of her work … . It was a significant achievement for me, especially since it's rare for companies to hire freshers directly into the InfoSec domain. At Qualys, I worked with the Vulnerability Management team, where we researched new CVEs and zero-day vulnerabilities, and developed signatures for vulnerability scanners. A zero-day vulnerability is a security flaw in software … or hardware that is unknown to the vendor or developer. Since the vendor is unaware of the vulnerability, no patch or fix is available, making it highly dangerous. The term "zero-day" comes from the fact that once the vulnerability is discovered by malicious actors, the vendor has zero days to fix it before it can be exploited.
tailor IT and CS security control baselines based on RMF guidelines and categorization of the RMF boundary • Perform Ports, Protocols, and Services Management (PPSM). • Perform IT and CS vulnerability-level risk assessments. • Execute security control testing as required by a risk assessment or annual security review (ASR). • Mitigate and remediate IT and CS system level vulnerabilities for … level IT and CS policies and procedures for respective RMF boundaries and/or guidance provided by the command ISSMs • Implement and assess STIG and SRGs. • Perform and develop vulnerability assessments with automated tools such as Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) Compliance Check (SCC) and Evaluate STIG. • Deploy security updates to Information System components. … Perform routine audits of IT system hardware and software components. • Maintain inventory of Information System components. • Participate in IT change control and configuration management processes. • Upload vulnerability data in Vulnerability Remediation Asset Manager (VRAM). • Image or re-image assets that are part of the assigned RMF boundary • Install software and troubleshoot software issues as necessary to support
and security requirements, and ensuring those requirements are properly addressed through purposeful architecting, design, development, and configuration; and implementing security controls, configuration changes, software/hardware updates/patches, vulnerability scanning, and securing configurations. Demonstrated working knowledge of the Risk Management Framework (RMF) process. Hands-on experience with Information Assurance tools such as: DISA Enterprise Mission Assurance Support … of the following within DoD or Federal environments: Network and system security Cybersecurity Service Providers (CSSP) Cyber Red Teams With at least 3 of the following 6 focus areas: Vulnerability Analysis Network Security Monitoring Incident Response/Forensics Penetration Testing/Red Teaming CND Infrastructure Support CND Incident Response EDUCATION: Bachelor's degree in computer science, Information Technology, or
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Corriculo Ltd
joining the internal security team, monitoring and analysing real-time security events using SIEM tools to detect and respond to potential threats. The Cyber Security Engineer will conduct regular vulnerability assessments and penetration tests to identify and mitigate security risks and breaches, and will investigate security incidents and conduct forensic analysis to determine the root cause and recommend remediation …/XDR, mail filtering and other security products Experience of Security Information Event Management (SIEM) tools Any experience or knowledge of ISO27001 as well as with penetration testing/vulnerability scanning would be highly advantageous The list above is important, but not as important as hiring the right person! So if you don't meet all of the
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom Hybrid / WFH Options
GoDefend Limited
GoDefend is a growing UK-based cyber security company based in Newcastle upon Tyne, offering a wide-spectrum of cyber solutions whilst specialising in continuous vulnerability scanning and penetration testing. We are seeking a Penetration Tester with over three years of hands-on experience in offensive security. You'll join a growing, fast-paced cyber security team where your … with clients and translating complex risks into clear business language. What You'll Be Doing: Conduct penetration testing across web applications, mobile apps, cloud platforms, and internal networks. Perform detailed vulnerability assessments and provide actionable remediation guidance. Create professional, jargon-free reports suitable for both technical and non-technical audiences. Lead or support scoping calls with clients to define the
systems Assist in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process Conduct ICS/SCADA system inventories following DoD guidance Conduct vulnerability scanning, remediation, and documentation of system vulnerabilities Participate in continuous improvement of organizational cybersecurity posture Qualifications Clearance/Citizen Type: Applicants selected will be subject to a government … procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data Assessment, mitigation, and closure of network vulnerabilities and vulnerability management eMASS Establishing, managing, and tracking of Plan of Action & Milestones (POA&M) Applying STIGs to servers, databases, applications, and other hardware Security Readiness Review (SRR) Tools (scripts and
systems Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process Conducting ICS/SCADA system inventories following DoD guidance Conducting vulnerability scanning and document system vulnerabilities Supporting ISO standardization and Quality inspections Participating in continuous improvement of organizational cybersecurity posture Provide system security engineering services and/or products … procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data Assessment, mitigation, and closure of network vulnerabilities and vulnerability management eMASS Establishing, managing, and tracking of Plan of Action & Milestones (POA&M) Applying STIGs to servers, databases, applications, and other hardware Security Readiness Review (SRR) Tools (scripts and
/software listings, and all other necessary artifacts required to obtain and maintain ATOs. Support compliance activities for all relevant systems to include, but not limited to: Incident Response, Vulnerability Scanning/Audits, STIG compliance checking, Configuration Management, Host Based Security Solution/Endpoint Security Solution, Network Access Control, and POA&M creation QUALIFICATIONS: Education: o High School
Chantilly, Virginia, United States Hybrid / WFH Options
RogueThink Inc
Eligible). • Certifications such as CompTIA Security+, Network+, or AWS/Azure Fundamentals. • Experience or exposure to Ansible for automation is a plus. • Familiarity with secure coding practices and vulnerability scanning tools. Benefits: At RogueThink, we offer competitive compensation packages and flexible work environments. We ensure that compensation is competitive, as we hold integrity, intelligence, and passion in
the development and evolution of CI/CD pipelines for all GIDS products using GitHub Actions, ArgoCD, TeamCity, Octopus Deploy, and GitOps principles. Integrate static and dynamic code analysis, vulnerability scanning, artifact promotion, and release gating into the SDLC. Ensure pipeline scalability and governance while maintaining developer velocity. Observability & Troubleshooting Lead the implementation and usage of modern observability
systems and ensuring compliance with Department of Defense (DoD) security policies. Key Responsibilities: Monitor and analyze system security logs and alerts to identify suspicious activities and potential threats. Support vulnerability assessments and risk analysis activities. Implement security controls in accordance with DoD cybersecurity regulations and RMF (Risk Management Framework). Assist with security incident response, containment, investigation, and remediation … years of hands-on experience in information security or cybersecurity analysis. Familiarity with DoD cybersecurity policies, RMF, STIGs, and NIST frameworks. Experience using security tools such as SIEMs, vulnerability scanners, and endpoint protection platforms. Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Preferred Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or a related field. Experience
and performance. Enhance CI/CD pipelines using Jenkins, GitLab, and Nexus to support secure and efficient software delivery. Implement security best practices, including Zero Trust Architecture, encryption, and vulnerability scanning. Optimize cloud, Linux, and infrastructure performance with monitoring tools like Elastic/Kibana/Beats and Azure Monitor. Ensure compliance with DoD security frameworks, including STIGs, FedRAMP, and
on experience with cloud platforms (AWS, Azure, GCP) and securing cloud environments. Strong understanding of containerization technologies (Docker, Kubernetes) and their security. Knowledge of security tools like SAST, DAST, vulnerability scanners, and SIEM solutions. Strong experience in system reliability, site reliability engineering (SRE), or a similar role. Proficiency in cloud platforms (AWS, Azure, GCP) and associated reliability tools. Hands
and 20000 (essential). Experience in implementing and maintaining externally awarded certifications such as ISO27001 is essential. Proficient with MS Office Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) strongly recommended Extensive training and experience in computer disciplines such as application and data security, systems programming, systems design, computer technology or software
Summit Technologies, Inc. is looking for a Vulnerability Scanning Administrator to join our team supporting a government agency. The role is a part of the Development, Modernization, and Enhancement Team providing engineering solutions in support of our client. The successful candidate will manage the web application scanning program, reporting to the Vulnerability Management Team Lead. This … Washington, DC. You must be a US citizen, as this supports a government contract and requires a Public Trust clearance. Responsibilities and Duties: Provide technical hands-on support for vulnerability scanning, with an emphasis on device scanning, using Tenable Security Center and Tenable Nessus. Configure, manage, and operate Tenable Security Center and Tenable Nessus, and other vulnerability scanning tools as required. Execute, manage, and troubleshoot device vulnerability scans. Work with tool vendors to resolve issues. Develop, execute, and improve work instructions and other technical documentation related to vulnerability scanning. Analyze vulnerability data with a variety of tools. Accurately document work in various formats including work instructions, change management requests, incident tickets, and
section below for more information. As a Lead Test Engineer focusing on security, you will: Take ownership of security testing within the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, and testing security-related issues. As a manager, you will provide advice, coaching and mentoring to testers on non … practices with a strong focus on Security Testing. Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web application vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation … with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating risk-based test charters. Familiarity with the OWASP Top 10 - and how to test for each category.
Aldershot, Hampshire, South East, United Kingdom Hybrid / WFH Options
JLA Resourcing Ltd
performance technical team focused on the secure delivery and support of new IT applications and infrastructure for a sensitive government customer. Your core responsibilities will include: Leading and executing vulnerability scanning, management, and reporting Implementing and maintaining endpoint security measures, including AV/anti-malware compliance Conducting system hardening and security compliance audits against frameworks like CIS, STIG … be successful in this role, you will need: Proven experience in a Cyber Security Engineering role, ideally within the defence or secure government sector Strong hands-on expertise across vulnerability management, endpoint protection, and incident response Familiarity with frameworks such as Government Functional Standard 007, CIS, STIG, and NIST A proactive, collaborative mindset with the ability to engage across
crucial in maintaining and developing our Information Security (IS) program and ensuring compliance with established security policies and procedures. The ISSO will be responsible for overseeing operational security implementation, vulnerability management, system assessments, and recovery processes. The ideal candidate will play a key role in safeguarding critical information systems and contribute to a comprehensive security posture. Essential Duties and … validate adherence to security standards. • Promote awareness of security issues across the organization. • Provide ongoing training to ensure all staff understand their security responsibilities. • Prepare technical documents, incident reports, vulnerability assessments, and other situational awareness information for key stakeholders. • Assist in ensuring systems and configurations comply with security guidelines and regulatory requirements. • Monitor and validate compliance through continuous security … assessments and audits. • Conduct system vulnerability scanning, configuration assessment, and remediation to maintain system integrity and security. Qualifications: • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field is required. • Proven experience in cybersecurity, risk management, or information security roles, particularly in relation to system security, vulnerability management, and compliance activities. • Strong knowledge of
Washington, Washington DC, United States Hybrid / WFH Options
OMW Consulting
team based in Washington, D.C. You must have an active Secret clearance or higher and a solid background in information security fundamentals and core technologies (e.g., authentication, encryption, firewalls, vulnerability scanning, SIEM/SOAR, audit logs). Your main responsibilities in this position will include: Achieving ATOs for the company's software across multiple government customers with minimal
systems Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process Conducting ICS/SCADA system inventories following DoD guidance Conducting vulnerability scanning and document system vulnerabilities Supporting ISO standardization and Quality inspections Participating in continuous improvement of organizational cybersecurity posture Qualifications Education: 5+ Years of Experience with a Master … procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data Assessment, mitigation, and closure of network vulnerabilities and vulnerability management eMASS Establishing, managing, and tracking of Plan of Action & Milestones (POA&M) Applying STIGs to servers, databases, applications, and other hardware Security Readiness Review (SRR) Tools (scripts and
packet capture and analysis tools Experience using computer and network forensics techniques Knowledgeable in hardening techniques Experience in network and web related protocol analysis Experience using industry standard security scanning tools Perform security testing in conjunction with the Security Control Assessment (SCA) team to achieve ATO (Authorization to Operate) Perform application security testing on mission critical IC systems Identify … using metadata Ability to reconstruct a malicious attack or activity based on network traffic Assess network topology and device configurations identifying critical security concerns Perform network monitoring, network mapping, vulnerability scanning, and penetration testing Train and mentor cybersecurity professionals Review test plans/procedures, test results, and test reports for completeness and accuracy, including compliance to approved plans
Market Harborough, Leicestershire, East Midlands, United Kingdom
CDS Global
and networking components The ability to work unsupervised with strong self-motivation Experience with scripting and automation Experience with virtualization platforms Experience using SIEM platforms Experience with EDR and vulnerability scanning Knowledge of Windows Servers and Azure Cloud Desirable: Experience with ITIL, PCI and GDPR Driving Licence Programming experience with PowerShell, C# and/or Python In addition to
highest standards for building, deploying, and securing infrastructure. The Platform Security Engineer is focused on automating security practices to ensure compliance of critical infrastructure. This includes traditional compliance and vulnerability scanning of switches, routers, firewalls, operating systems, applications, and platform components associated with OpenShift Container Platform (OCP). As a Platform Security Engineer, you are responsible for the
systems Assisting in the development and verification of documentation necessary to complete the DoD RMF assessment and authorization process Conducting ICS/SCADA system inventories following DoD guidance Conducting vulnerability scanning and document system vulnerabilities Supporting ISO standardization and Quality inspections Participating in continuous improvement of organizational cybersecurity posture Qualifications Clearance/Citizen Type: Applicants selected will be … procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data Assessment, mitigation, and closure of network vulnerabilities and vulnerability management eMASS Establishing, managing, and tracking of Plan of Action & Milestones (POA&M) Applying STIGs to servers, databases, applications, and other hardware Security Readiness Review (SRR) Tools (scripts and