Mid Vulnerability Assessment Analyst - IRES

Geo Control Systems, Inc. as a HUBZone company, is required to maintain a Federally mandated level of employees that reside (home residence) in a qualified HUBZone. ONLY applicants whose home address lies in a qualified HUBZone will be considered for this position. You can verify whether you reside in a HUBZone by using the following website: (Use the "Apply for this Job" box below)./map

The Mid Vulnerability Assessment Analyst supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. The candidate will:

• Perform Defensive Cyber Operations (DCO)/Cyber Security Service Provider (CSSP) duties outlined in Evaluator Scoring Metrics (ESM).
• Perform cybersecurity duties on customer networks (proactively and reactively) to improve enterprise-wide security posture.
• Perform and analyze vulnerability scans, currently utilizing Prisma and the Assured Compliance Assessment Solution (ACAS/Nessus) scanning tool.
• Analyze correlated asset, threat, and vulnerability data against known adversary exploits and techniques to determine impact and improve network defensive posture.
• Support the development, establishment, review and update of DCO procedures, processes, manuals, and other documentation.
• Support Anti-Malware program, forward alerts and warnings to customers, respond to customer malware reports and assist in implementing protective/anti- malware measures.
• Assist with host-based security across the enterprise, currently utilizing DoD Endpoint Security Solutions (ESS), to include antimalware, host-based intrusion protection system, data loss prevention, and rogue system detection.
• Generate vulnerability assessment reports for customers and escalate for further review.
• Create, update, and manage queries and dashboards pertaining to Endpoint Security Solutions (ESS), ACAS, and related security tools.
• Support Incident Response across the enterprise IAW DoD regulations and instructions.
• Lead cyber events and incident investigations from start to conclusion, to include gathering data, analysis, and reporting.
• Support DCO operations by mentoring and training junior DCO analysts.

• Have experience with most MS Office applications (Word, Excel, PowerPoint, and Visio).
• Be able to multi-task and prioritize various projects and assignments in a dynamic work environment in order to meet scheduled/unscheduled customer requests.
• Be willing to travel 25% of the time.
• Be willing to support rotating shifts in a 24/7 operational environment and respond quickly to emergencies as needed.

Resumes, in month and year format, must be submitted with application in order to be considered for the position. The selected candidate may be assigned as an employee for one of our teammate companies.

Basic Requirements:

• Must have 6, or more, years of general (full-time) work experience
• May be reduced with completion of advanced education
• Must have 4 years of combined experience with:
• Performing vulnerability scans or analysis using enterprise scanning tools
• Practical experience with cybersecurity frameworks or conducting risk assessments
• Experience performing the full life-cycle of incident response and enterprise-level monitoring
• Must have 1 year experience in management or leadership in a team environment.
• Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CySA+, GICSP, GSEC, Security+ CE, SSCP)
• Must have a DoD 8570.01-M CSSP Auditor certification (CEH, CySA+, etc.)
• Must have an active DoD Secret Security Clearance

Desired Requirements:

• Have an Bachelor's degree, or higher, in Cybersecurity, Computer Science or related field
• Have experience with security analysis and solutions in a WAN/LAN environment to include Routers, Switches, Network Devices, and Operating Systems (e.g., Windows, and Linux)
• Have experience with other Security Operations Centers (SOC)/DCO tools/applications, such as Firewalls, Intrusion Detection Systems / Intrusion Prevention Systems, Network Security Manager, Bluecoat, Barracuda, etc.
• Have experience performing security compliance scans across a WAN (ACAS/Nessus preferred)
• Have a background in configuration, troubleshooting, and deployment of host-based security (ESS preferred)
• Be able to mentor and train personnel in an evolving, high-paced environment
• Be familiar with DoD Security Operations Centers (SOC) (aka CSSP)
• Be familiar with DCO/Cybersecurity Service Provider (CSSP)-guiding security policies and procedures
• Have an active DoD Top Secret clearance

This position is expected to pay $128,000 – $134,000 annually; depending on experience, education, and any certifications that are directly related to the position.

GCS health and welfare benefits are designed to invest in you, and in the things you care about. Your health. Your well-being. Your security. Your future. Typical benefits offered include flexible work schedules and opportunities to work remotely, educational reimbursement,…