ClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA. We specialize in cybersecurity and support multiple government and commercial clients for a variety of missions. We value our clients, integrity and employees and believe a single person can make a difference!
We are committed to attracting and retaining the best and brightest talent who desire to work with industry leading technology to stay on top of their profession. We provide an excellent benefit package which includes medical, dental, vision, paid time off, 401(k), paid professional development reimbursement and more!
Responsibilities:
The Senior Scanner will:
Provide onsite and remote vulnerability scanning and assessment capabilities as a sustained, full-time program independent of incident detection, recovery, or reporting activities
Work with system owners, system developers, and/or system administrators, to holistically examine the security vulnerability findings and assessments of their systems, through a review of the security scans reports, as requested
Produce vulnerability scanning and assessment reports of findings
Coordinate with the Government to use these findings to inform, expand, or focus vulnerability scanning and monitoring efforts
Create and maintain a method of tracking and reporting on trends identified in the vulnerability assessment process to improve efficiency or reduce the cost of delivery of the service.
Document, maintain, and update processes and procedures for performing and conducting vulnerability scanning, vulnerability analyses, and risk assessments of FAA/DOT systems and networks
Provide documentation, maintenance, and update of processes and procedures of Government-furnished vulnerability assessment tools and penetration testing tools.
Ensure all staff are trained and knowledgeable of the vulnerability scanning and penetration testing tools and in the ability to assess vulnerability scan findings
Document vulnerability mitigation processes and procedures as a result of vulnerability findings and risk assessments for FAA/DOT systems and networks, as defined by FAA Policy and Procedures
Document processes and procedures for reporting newly discovered (zero-day) vulnerabilities
Ensure all vulnerability scanning tools and subsystems maintained by FAA SOC are deployed and maintained in accordance with FISMA and NIST assessment and authorization standards
Qualifications:
Minimum ten (10) years IT experience.
Experience with vulnerability assessment tools (Nessus, FoundScan, etc.).