Systems Vulnerability Assessment Lead Job at GCubed, Inc.

GCubed, Inc. Washington, DC 20330

This position is contingent upon contract award.

We are looking for a talented Systems Vulnerability Assessments Lead who will support several divisions in the Office of the Chief Information Security Officer (OCISO) to enhance and maintain IT infrastructure; develop and enhance key systems to support operating programs; and increase efficiencies and cooperation across FEMA’s divisional and regional lines.

Essential Functions of the Job

  • Conduct vulnerability scans and analysis of all FEMA information systems as a part of the Security Authorization process, Ongoing Authorization, and the Change Request process. This includes ongoing regularly scheduled scans (e.g., quarterly, monthly), ad-hoc scan requests, and validation scans.
  • Leverage existing scans or conduct new scans using FEMA tools. Other tools may be used with approval from the government. The contractor shall provide recommendations on new and emerging tools when needed. Current and soon-to-be-implemented tools include the following:
      a. Infrastructure/SCAP – Tenable, Tenable.IO
      b. Database – App Detective, Tenable.IO
      c. Web applications – WebInspect, Netsparker, Burp Suite
      d. Source code – Fortify
  • Provide certified Cyber Security Support Professionals (CSSP) capable of supporting FEMA cyber security tools. The contractor shall have the expertise to utilize, operate, and provide detailed analysis of output of FEMA vulnerability tools.
  • Create Rules of Engagement (RoEs), scanning authorizations, security assessment plans, and security assessment reports (SARs). SARs provide an analysis of vulnerabilities, recommendations for remediation, and an assessment of vulnerability risk. Reports will be timely, of high quality, and free from grammar and punctuation issues, and will provide detailed technical content related to security vulnerability assessments.
  • Schedule, create material for, and conduct assessment kickoff meetings, out-brief meetings, technical working sessions, and other ad-hoc meetings with system stakeholders to review assessment processes, scans, scan analysis, assessment findings, and other topics.
  • Work with stakeholders to identify assessment false positives.
  • Serve as the vulnerability technical expert with OCISO in stakeholder meetings.
  • Improve automation in assessments, leveraging scripting, technologies, and processes to ensure maximum optimization.
  • Develop scripts to automate cyber assessment reporting and tracking.
  • Develop weekly status reports detailing work performed and work to be performed.
  • Create dashboards and reports detailing vulnerability risk.
  • Develop and maintain standard operating procedures that support detailed vulnerability testing that is repeatable and measurable.

Required Qualifications

  • Minimum of 10 years as a cyber security professional with experience in leading teams and conducting vulnerability assessments
  • Certified Information System Security Professional (CISSP) certification
  • Ethical Hacking Certification (CEH)
  • GIAC Certified Penetration Tester (GPEN)

Working Conditions

  • Normal Office Hours: Monday through Friday

Physical Requirements

  • N/A

Benefits

GCubed offers the following benefits to full-time employees: Medical Insurance, Dental Insurance, Vision Insurance, Company Paid Life Insurance, Short-Term & Long-Term Disability, Flexible Spending Account, 401k Retirement Savings Plan with Company Match, Employee Assistance Program, Tuition and Professional Development Assistance, 529 College Savings Plan, and Tricare Supplement Insurance.

EEO Statement

GCubed, Inc. does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.

Job Type: Full-time



