WashingtonRecruiter Since 2001
the smart solution for Washington DC jobs

Security Engineer (Patch & Vulnerability Management/Elimination)

Company: VMD Corp
Location: Fairfax
Posted on: May 28, 2023

Job Description:


NOTE - Only candidates who reside in one of the following states will be considered: Virginia, Maryland, District of Columbia, New York, New Jersey, Missouri, Florida, Louisiana, Kansas, Colorado, South Carolina, Pennsylvania, and Texas.

Founded in 2002, VMD is an award-winning provider of Agile Software Engineering, Digital Infrastructure, Cybersecurity, and Transportation Security Services to numerous U.S. Federal Government clients including projects across both DoD and Civilian agencies. We specialize in high-level, tip of the spear engagements with a significant impact on mission success for our clients.Why Join VMD Corp?

VMD fosters a culture that is founded onand you canto our Vision Mission Driven employees.VMD Employees envision the future. We hold ourselves accountable and hold each other to equally high standards. Our people recognize and reward greatness and are humble in doing so. VMD Employees understand big accomplishments take a team. Our people learn from both our mistakes and successes; we pursue improvement relentlessly, objectively and without bias. We share our thoughts and ideas with purpose and transparency. We commit to the mission, the customer and to each other. We love being nimble and producing results.Our team is one of the best in the business.About the Mission You Will Join:
The Department of Homeland Security (DHS) - U.S. Immigration and Customs Enforcement (ICE) has entrusted VMD to support the Office of the Chief Information Officer's (OCIO's) Information Assurance Division (IAD) to establish, implement, and maintain a mature, robust agency risk management program that integrates Agile and SecDevOps methodologies and other industry best practices.VMD's mission is to work on the high-priority federal cybersecurity initiatives within the IAD, providing cybersecurity program management, innovation, governance, vulnerability elimination, Information System Security Officer (ISSO) support, training, and security engineering activities of approximately 100+ FISMA reportable system boundaries. VMD facilitates the implementation and operations at an enterprise-level that deal with a wide-range of cybersecurity tools and incidents to protect ICE IT assets from adversaries. The entire team consists of 80+ cybersecurity professionals and could grow within the next year as agency identifies additional tasks.Your Impact to the Mission:Patch and Vulnerability Management is a vital part of team VMDs security efforts in support of the DHS/ICE mission. As new threats emerge, team VMD must be able to rapidly assess the threat landscape, make recommendations, and track fixes across a large attack surface.The Security Engineer (Vulnerability and Patch Management/Elimination) will use various security tools to identify, classify and track remediation of vulnerabilities in ICE's systems. You will interact with other teams to enable prioritization, escalation, and remediation of vulnerabilities as needed. You will have an opportunity to:

Conduct vulnerability scans at the network, operating system, database, and application levels on both internal and external systems within this organizations enterprise. Build and maintain metrics and KPIs for vulnerability management, that include scan coverage or compliance against defined SLAs. Establish multiple relationships with senior level customers and managers across the organization to act as a respected technical interface both internally and externally to deliver and enhance VMD service. Analyze threat and vulnerability feeds and analyze data for applicability. Conduct vulnerability assessments, red teaming, and penetration testing to identify weaknesses and countermeasures. Drive remediation by working with various teams and assist in generating asset inventory reports and identify discrepancies. Perform attack surface reviews and multilayer defense systems to prevent exploits, detect and intercept attacks, and discover threat agents. Leverage software tools to aid in the discovery and removal of vulnerabilities in a system. Work with both external vendors and other groups to coordinate and conduct schedule and ad-hoc testing. Provide timely vulnerability assessment reports to key stakeholders. Provide relevant threat intelligence documents to key stakeholders.Experience Needed to Be Successful:
3 - 5 years of experience in Vulnerability Management or a related field Advanced knowledge of vulnerability assessment tools; including configuration and maintenance, scan execution, agent deployment, and oversight. Proficiency with UNIX operating systems, command line usage, and system administration Must have the ability to document policies and procedures and keep them updated according to NIST and 4300A compliance requirements and track of remediation of vulnerabilities as/if they are handed off to the other teams. Understanding of DevOps including orchestration (GIT, Chef, Ansible, etc.) Understanding of the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them. Knowledge of AWS (Amazon Web Services), GPC (Google Private Cloud), Azure, or other cloud platforms and related technologies is desired. Familiar with Linux systems.Basic Qualifier
Education Requirement: B.A. or B.S. degree (or higher-level degree) in Computer Science or a similar engineering program with strong academic performance preferred. Can Additional Years of Experience Substitute for Degree?Yes Desired Certification(s): CompTIA Linux+, Offensive Security Certified Professional (OSCP) or Cloud Certification(s) Minimum Years of Overall Experience:5 Minimum Years of Specific Experience in Field:3 Minimum Clearance to Start:Public Trust Work Status Allowable:US CitizenshipTravel and Telecommuting:
Travel:None Telecommute Options:YesVMD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable Federal, state and local laws. VMD maintains a drug-free workplace.

Keywords: VMD Corp, Washington DC , Security Engineer (Patch & Vulnerability Management/Elimination), Engineering , Fairfax, DC

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account