Careers > Current Openings

Vulnerability Management Analyst

Location: Washington DC (pending award of contract)

Role Summary: The Staff Vulnerability Management Analyst will work to identify and prioritize new vulnerabilities requiring out-of-band patching or rapid enterprise wide responses and lead a cross-functional team to respond to these emerging threats. They will also drive agencies data driven defense program to identify top vulnerability risks and lead the response to mitigate these issues. They will be responsible for communicating the current status and progress of all projects to senior leaders.

Essential Responsibilities:

  • Tactically guide the Vulnerability Management (VM) Plan, to coordinate, monitor and support activities in the areas of the VM program, security patch and remediation management.
  • Provide input, help prepare and update VM roadmap, develop, maintain, and publish project plans and operation schedules
  • Provide status reports to CISO and IS Manager related to VM metrics, key risk indicators, trending, and compliance reports to the CISO, IS Manager, and other management
  • Propose VM concepts/solutions, prepare presentations, and coordinate vendor demonstrations
  • Create and maintain SOPs for the VM program, provide technical knowledge to operations and production support teams
  • Maintain configuration control of VM hardware, systems, and application software, Coordinate upgrades and other maintenance activities on VM tools
  • Analyze assessment results and threat feeds to properly react to security weaknesses or vulnerabilities
  • Prepare and maintain technical documentation of VM program including requirements, architecture designs, network topology, applications and application security designs
  • Facilitate and coordinate vulnerability assessment and scanning, reviews of assessment results, patching, and remediation activities related to workstations, servers, storage, databases, appliances, web applications and network devices
  • Collaborate on Information Security policies, standards, and baselines and contribute efforts to measure compliance
  • Collaborate on and provide VM results and metrics for consistent reporting for governance purposes; collaborate and coordinate remediation plans and activities
  • Help develop a long term VM strategy (3-5 years) that will address global information security needs (current state, gaps and opportunities)
  • Monitor news sources for emerging threats and vulnerabilities to determine if an escalated response is required
  • Facilitate analysis and response to security and bug notifications from external security researchers
  • Research the company's exposure to vulnerabilities and likelihood of exploitation
  • Work with various cyber security and operational teams to identify the top vulnerability risks to the company
  • Coordinate cross functional teams to execute against remediation plans and vulnerability response campaigns
  • Facilitates weekly updates focusing on program and outcome-based metrics, program enhancements and feature requests.
  • Provide technical support for vulnerability management projects

MINIMUM QUALIFICATIONS:

  • Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) AND a minimum 6 years of professional experience.
  • Must be legally authorized to work in the US.
  • Must be willing to work out of client site located in downtown DC

Desired Characteristics:

  • Significant enterprise vulnerability management experience to include patch management and remediation activities in a large company
  • Hands-on experience with scanning tools (Tenable Nessus, WebInspect)
  • Security related certifications (i.e. CISSP, CEH, CISM, CISA, CSSLP, CCNP)
  • Experience with scripting languages (Python, Ruby, Perl) and BI tools (Tableau, SiSense)
  • Good analytical skills, attention to detail and ability to methodically troubleshoot complex issues 
  • Good analytical and negotiation skills 
  • Good communication and presentations skills

BENEFITS: Zen Strategics pays excellent benefits at market rate in Medical, Dental, Vision and Short-Term Disability. In addition, we also will also offer Metro/VRE transit or monthly car parking benefits (subsidized) in the form of travel allowance; Commuter pay and a competitive PTO policy.

Zen Strategics is an Equal Employment Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information

Apply Now

Please send your resume to jennyp@zenstrategics.com

Core Capabilities

  • Controlled Unclassified Information (CUI) Governance, Implementation & Assessments
  • Cyber Security - Strategy & Operations
  • Cloud – Fed RAMP & IV&V
  • Mobility & Big Data
  • Program Management
  • Corporate Strategy
  • Market & Competitive Analysis
  • Systems Engineering
  • Business Operations
  • Wireless & Telecom
    (Public Safety/Interoperability)
  • Strategic Alliances
  • Mergers & Acquisitions(Advisory, Due Diligence & Support)