Gunnison
Overview
The Database Scanning Analyst supports Independent Security Control Assessment (ISCA) activities by conducting targeted scanning of databases within the federal client's IT systems. This role identifies misconfigurations, vulnerabilities, and compliance gaps in databases, ensuring secure handling of mission-critical and High Value Asset (HVA) data. Responsibilities
Configure and run automated and manual database scans across Oracle, SQL Server, PostgreSQL, and other supported platforms. Validate scanning results, identify false positives, and produce accurate vulnerability reports. Provide assessment artifacts for inclusion in SAPs, SARs, and vulnerability matrices. Assess database security controls related to authentication, encryption, auditing, and patching. Collaborate with SCAs, ISSOs, and system owners to interpret findings and recommend mitigations. Support retesting of remediated vulnerabilities and update assessment documentation accordingly. Maintain compliance with DHS BODs, FISMA requirements, and client database security standards. Requirements
4+ years of experience in database security, scanning, or vulnerability analysis. Familiarity with database vulnerability management tools (e.g., Tenable Nessus, AppDetective, SQL Secure). Strong understanding of database hardening standards (e.g., CIS Benchmarks, DISA STIGs). Knowledge of RMF processes and alignment of scan results to NIST SP 800-53 controls. Ability to document scan results clearly for both technical and non-technical stakeholders. Database-related certifications preferred (e.g., Oracle DBA, GIAC Database Security, MCDBA). Clearance
Active Secret clearance required. Benefits
3 weeks of Personal Leave your first year 11 paid Holidays each year 5 days of Flexible Time Off each year 401(k) company match at 50% up to 10% of your salary Medical, Dental and Vision Insurance Life and Disability Insurance Public Transportation Subsidies Certifications and Training Allowance - $2,500/year! Why Join Gunnison?
Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation. Quality is our top priority. Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer. There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow. We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding. We hire for careers at Gunnison, not to fill a position. Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time. Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology
#J-18808-Ljbffr
The Database Scanning Analyst supports Independent Security Control Assessment (ISCA) activities by conducting targeted scanning of databases within the federal client's IT systems. This role identifies misconfigurations, vulnerabilities, and compliance gaps in databases, ensuring secure handling of mission-critical and High Value Asset (HVA) data. Responsibilities
Configure and run automated and manual database scans across Oracle, SQL Server, PostgreSQL, and other supported platforms. Validate scanning results, identify false positives, and produce accurate vulnerability reports. Provide assessment artifacts for inclusion in SAPs, SARs, and vulnerability matrices. Assess database security controls related to authentication, encryption, auditing, and patching. Collaborate with SCAs, ISSOs, and system owners to interpret findings and recommend mitigations. Support retesting of remediated vulnerabilities and update assessment documentation accordingly. Maintain compliance with DHS BODs, FISMA requirements, and client database security standards. Requirements
4+ years of experience in database security, scanning, or vulnerability analysis. Familiarity with database vulnerability management tools (e.g., Tenable Nessus, AppDetective, SQL Secure). Strong understanding of database hardening standards (e.g., CIS Benchmarks, DISA STIGs). Knowledge of RMF processes and alignment of scan results to NIST SP 800-53 controls. Ability to document scan results clearly for both technical and non-technical stakeholders. Database-related certifications preferred (e.g., Oracle DBA, GIAC Database Security, MCDBA). Clearance
Active Secret clearance required. Benefits
3 weeks of Personal Leave your first year 11 paid Holidays each year 5 days of Flexible Time Off each year 401(k) company match at 50% up to 10% of your salary Medical, Dental and Vision Insurance Life and Disability Insurance Public Transportation Subsidies Certifications and Training Allowance - $2,500/year! Why Join Gunnison?
Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation. Quality is our top priority. Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer. There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow. We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding. We hire for careers at Gunnison, not to fill a position. Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time. Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology
#J-18808-Ljbffr