No H1B Only //-EAD-EAD Job Description Title: Vulnerability Management Specialist/ Cybersecurity Project Manager Location: Brooklyn, NY Duration: 24+ months Experience-8+Years Non locals will work but need to come to the office once a week. Required Skills
At least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, scripting, vulnerability management scan result analysis, Excel
Strong knowledge of CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors and mitigations
Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7 and Tenable; extensive hands-on experience conducting Rapid7 and Tenable vulnerability scans across various networks; experience conducting Rapid7 and Tenable vulnerability management analysis through reports and dashboards to accurately identify risk
Experience evaluating security vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
Experience conducting intel research around CVE’s, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
Extensive experience with Excel, especially for performing data analysis through VLookup and Pivot Tables
Desired Skills
Experience with Cybersecurity standards and best practices and how to integrate them
Provide oral and written reports on vulnerability risk to the team and possibly agencies’ technical stakeholders
Ability to evaluate the current threat landscape that includes tactics, techniques and procedures
Strong background with next generation firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, Linux, VPN, Cisco IOS, and Mobile OS Android/Apple IOS.
Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
Knowledge of security best practices: NIST, CIS, Cisco, Juniper, Palo Alto, Fortinet, Checkpoint, F5, Microsoft, Unix/Linux, etc.
Ability to analyse Cybersecurity documentation, including security policies, plans, and procedures.
Extensive experience with Windows and Linux Servers
Certifications such as Certified Information Systems Security Professional (CISSP) Certification, Security Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
