Risk and Vulnerability Analyst II

Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.

Overview

SOSi is seeking a Risk and Vulnerability Analyst II to support vulnerability assessment and risk analysis activities in alignment with our customer. This role is responsible for conducting vulnerability scanning and analysis, supporting remediation efforts, maintaining scan operations, and helping improve enterprise visibility into security weaknesses and cyber risk.

 

Responsibilities

·  Perform vulnerability assessments and security scanning across operating systems, databases, web applications, and enterprise infrastructure

·  Analyze vulnerabilities and support development of remediation recommendations

·  Support cloud compliance scans and assessment activities

·  Troubleshoot scan issues and support maintenance of vulnerability scanning tools, consoles, and configurations

·  Support automated and scheduled scanning activities, including scan planning, execution, and reporting

·  Support ad hoc or emergency vulnerability scanning in support of incident investigation and response activities

·  Create and maintain scan reports, data feeds, scan policies, repositories, and user access/roles for assessment tools

·  Support API discovery and scanning, and integration of assessment data into third-party tools

·  Coordinate with cyber defense engineering and system teams to support tool operations, testing, and vulnerability management activities

·  Experience:

• Three (3) to five (5) years of security-related experience
• Experience with operating system, database, and web application vulnerability scanning
• Experience supporting cloud compliance scanning
• Experience troubleshooting vulnerability scan tools and scan configurations
• Experience with automation supporting vulnerability assessment operations
• Experience supporting Information System Vulnerability Management (ISVM) scans and compliance activities
• Experience with API discovery and security scanning

·  Education:

• Bachelor’s Degree

• Clearance/Suitability: Secret (eligible)

Work Environment

• Normal office conditions with potential to perform duties in deployed locations.
• Core hours of operation are Monday through Friday, 0600 – 1700.
• May be requested to work evenings and weekends to meet program and contract needs.

Working at SOSi

All interested individuals will receive consideration and will not be discriminated against for any reason.