Are you a Vulnerability Assessment Engineer with 5+ years of experience and expert knowledge of Tenable Nessus products? Apply now for a contract opportunity focused on conducting CIS Security Audits and vulnerability assessments for networks, systems, and applications.
Requirements:
* 5+ years of extensive knowledge and experience in vulnerability assessment and security auditing
* Appropriate vocational and academic qualifications or professional certifications in cybersecurity
* Demonstrable expert knowledge of and work experience with Tenable Nessus products (mandatory)
* Expert-level knowledge in executing vulnerability assessment scans for large networks without impacting the availability or performance of scanned systems
* Expert-level knowledge in developing advanced Nessus configurations using audit files for implementing compliance checks for operating systems, network devices, and applications
* Solid knowledge of Microsoft Azure and/or AWS Cloud Security
* Solid knowledge of TCP/IP networks, routing, switching, and troubleshooting in complex environments
* Solid knowledge of Microsoft Windows, Linux, and Unix operating systems
* Solid knowledge of VMware virtualization platform
* Proven ability to communicate effectively both orally and in writing with good briefing skills
* Good interpersonal skills and ability to work independently and as part of a team
* Experience creating and executing technical onsite CIS Security Audits (Type-3)
* Experience writing security audit reports for higher management
* Experience performing targeted analysis and reviewing collected data
* Ability to recommend remediation and mitigation strategies
* Experience compiling, drafting, reviewing, and developing security audit documentation
* Threat-centric and contextual approach to security assessments
* Valid Nato Secret Clearance
* Languages: English (fluent)
Job Description:
* Create and execute technical onsite CIS Security Audits (Type-3) for networks, systems, and applications
* Ensure the accuracy of vulnerability assessment and security audit results
* Write comprehensive security audit reports for higher management
* Perform targeted analysis of security findings
* Review collected data from vulnerability scans and security assessments
* Recommend remediation and mitigation strategies based on assessment findings
* Compile, draft, review, and develop all aspects relevant to CIS Security audits in a threat-centric, contextual manner
* Provide expert input on security audit processes and methodologies
* Support remediation and mitigation activities following security assessments
* Execute vulnerability assessment scans for large networks using Tenable Nessus
* Ensure vulnerability scans do not impact the availability or performance of scanned systems
* Develop advanced Nessus configurations using audit files
* Implement compliance checks for operating systems, network devices, and applications using Nessus audit files
* Conduct security assessments for Microsoft Azure and/or AWS Cloud environments
* Assess security of TCP/IP networks, routing, and switching configurations
* Perform vulnerability assessments on Microsoft Windows, Linux, and Unix operating systems
* Assess VMware virtualization platform security
* Troubleshoot complex network and system issues during security assessments
* Communicate security findings effectively to technical and non-technical audiences
* Brief management on security posture and audit results
* Work independently and collaboratively as part of security assessment teams
* Maintain up-to-date knowledge of security threats, vulnerabilities, and assessment methodologies
* Perform other duties as may be required