View Our Website View All Jobs

Mid-Level Security Scan Specialist

Company Overview

Emagine IT is an information technology consulting services company that specializes in delivering technology solutions to meet the needs of clients. Our reputation reflects the high quality of the talented Emagine IT team and the consultants working for our clients. Our mission is to understand and meet the needs of both our clients and consultants by delivering quality, value-added solutions. Our solutions are designed and managed to not only reduce costs, but to improve business processes, accelerate response time, improve services to end users, and give our clients a competitive edge, now and into the future. As business systems integrators, we will align our clients’ business processes and information systems to enable them to access the right information at the right time, empowering them to achieve their desired business results and create enterprise value.

Responsibilities and Duties

  • Emagine IT is currently seeking a Mid-level Security Specialist to perform scanning during off-peak hours.
  • The candidate will be performing vulnerability and compliance scans with various tools in support of the agencies' Continuous Monitoring effort.
  • The candidate will perform OS, database, and application level scans utilizing tools such as Nessus, WebInspect, and NGSSquirreL. 
  • The candidate will be provided a scan schedule and must ensure execution of all scans quarterly. 
  • The candidate will help build and maintain a scan schedule including identification of targets, credentials required to perform scans, and mapping targets to system boundaries. 
  • The candidate has the ability to successfully provide remediation actions for unimplemented security controls. 
  • This candidate must be willing to perform off-peak scanning (10:00 PM - 6:00 AM) shifts based on scanning schedule.

Qualifications and Skills

  • Familiarity with various scanning technologies including Nessus (Security Center and Professional Feed); HP WebInspect; NGSSquirreL

  • Understanding of SANS Top 20 and OWASP Top 10 vulnerabilities.

  • Familiarity with various Operating System Platforms (Windows, UNIX, and end-user) as applied to an enterprise environment.

  • Understanding of various networking Ports, Protocols and Services.

  • 4+ Years of IT Security Work Experience.

  • 1-3 years of experience configuring, customizing, operating, and troubleshooting Operating System, Database, and Application vulnerability scanning tools which include:

    • Nessus (Security Center & Professional Feed)

    • HP WebInspect

    • NGSSquirreL, AppDetective, or other database scanners

  • Experience analyzing scan results to determine if scans were successfully completed.

Required Education and Experience

 

  • Bachelors in any Information Technology or Engineering discipline.  3 years experience in lieu of a bachelors degree.
  • Possess at least one of: Certified Authorization Professional (CAP), or Certified Information Systems Security Professional (CISSP)

Additional Qualifications

  • Understanding of scanning as applied to RMF, Continuous Monitoring, and NIST 800-53 security controls. 
  • Knowledge of Open Vulnerability and Assessment Language (OVAL).
  • 2+ years of experience executing and analyzing compliance and vulnerability scans
  • 2+ years of experience creating custom .audit files in Nessus's custom scripting language
  • Experience remediating or providing guidance to remediate scan findings
  • Experience customizing Nessus Audit Policies.
  • Prior experience with System and/or Network Administration.

Possess any of the following certifications (in order of preference):

  • Tenable Certified Nessus Engineer (TCSE)
  • Tenable Certified Nessus Auditor (TCNA)
  • EC-Council Certified Ethical Hacker (C|EH)
  • CompTIA Network+ Certification

AAP/EEO Statement
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.


Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Read More

Apply for this position

Required*
Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file

150