Remediation Management Speciality - SME

Location: Eagan, MN, United States
Date Posted: 11-01-2017
The Cyber Security Vulnerability Engineer accurately assess the vulnerabilities associated with customer information systems, coordinate with system owners to remediate vulnerabilities, and report progress of the remediation efforts to customer management.

Responsibilities will include:
  • Serve as SME to explain vulnerabilities and risk to management and technical resources.
  • Serve as SME to assist in vulnerability remediation and providing written recommendations on how to mitigate risks. Ensuring recommendations are in compliance with customer regulations, guidance, and management directives.
  • Investigate identified vulnerability risks and assist to prioritize vulnerability remediation actions.
  • Assist in compliance efforts (SOX, PCI, FISMA)
  • Complete assigned projects or assignments independently.
  • Communicate goals, build consensus across teams and negotiate remediation efforts and timelines. Assisting with research, documentation, revision, development, evaluation, and implementation of security plans.
  • Providing support to the team lead who works directly with Staff/Program Managers from Corporate Information Security Office (CISO).
  • Researching, developing, implementing and assessing the effectiveness of security policies, procedures, and controls to support customer operations.
  • Assisting with the development of stakeholder communications, e.g., reports, security presentations, executive-level briefings, etc.
  • Collaborating with stakeholders to ensure security issues are addressed correctly.
  • Maintaining relationships among CISO Leadership, Policy and Risk Management, Inspection Service and Postal Service unit managers, security control officers, area security coordinators, and other key deliverable stakeholders.
  • Providing security guidance to internal and external customers.
  • Serving as a liaison between the client organizations.
  • Developing measures of effectiveness and measures of performance for the remediation of vulnerabilities
Required Skills:
  • The position requires U.S. Person status or a Non-U.S. Person be eligible to obtain Authorization.
  • Understanding of common regulatory or standards-based control frameworks such as: PCI-DSS, ISO 27001/2, NIST 800-53, etc.
  • Knowledge of OWASP, SANS Top 20 Critical Security Controls and NIST Vulnerability Database (CVE & CCE)
  • Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP, DNS, etc.
  • Knowledge of Windows and Unix Operating Systems

Human Capital Specialists

Please contact our Team with any questions:

Phone: 240-505-0228

this job portal is powered by CATS