Phase2 Technology is hiring: Enterprise Cybersecurity Vulnerability Analyst, Sen

Overview

Key Role: In this role, you will support Booz Allen Hamilton's Enterprise Cybersecurity (ECS) team through utilizing enterprise-level vulnerability scanning and assessment tools to identify all internally and externally facing vulnerabilities and security misconfigurations present across the Booz Allen network. You will validate that appropriate patches or mitigations are in place within defined Service Level Agreements (SLA) and conduct analysis. You will serve as a vulnerability management resource in supporting the company's client facing and internal support teams. Additionally, you will stay up to date with emerging threats within the industry and collaborate with other Cybersecurity teams in a Cyber Fusion Center (CFC) environment to understand the impact of security threats and possible impacts to the global enterprise. You will conduct direct outreach to affected environments to ensure rapid remediation occurs and, as needed, assist the Vulnerability Management Team lead with providing metrics and KPIs to other operational teams and senior leadership.

Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Responsibilities

Note: This section is covered within the overview; key responsibilities include vulnerability scanning and assessment, validating patches or mitigations within SLA, and coordinating remediation across affected environments.

Qualifications

• 4+ years of experience in a vulnerability analyst role, including identifying and remediating cloud vulnerabilities and misconfigurations
• 2+ years of experience in Windows and UNIX system administration
• Experience with managing, deploying, and securing resources within Amazon Web Services (AWS), Azure, or Google Cloud
• Experience with Tenable Cloud Security and Tenable Security Center
• Knowledge of basic networking protocols including TCP/IP, UDP, HTTP/HTTPS, SSH, and DNS
• Ability to communicate effectively with clients, including supporting teams and management
• Ability to obtain a Secret clearance
• HS diploma or GED

Additional Qualifications

• Experience deploying, managing and administering Tenable Security Center or multiple Nessus scanners within a medium or large-scale enterprise, or similar vulnerability scanning software, such as Qualys
• Experience with Splunk, including building search queries
• Knowledge of vulnerabilities, cyber threats, and information security tools
• Knowledge of open security standards and projects, including OWASP, GSEC, GMON, GIAC G CIA, or CompTIA Security+
• Possession of excellent verbal and writing communication skills
• Bachelor's degree in Computer Science

Security/Identity

Identity Statement: As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model

Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

• If this position is listed as remote or hybrid, you'll periodically work from a Booz Allen or client site facility.
• If this position is listed as onsite, you'll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.