[Remote] Vulnerability Analyst

Remote role Full-time Open position

Note: The job is a remote job and is open to candidates in USA. Boston Government Services, LLC (BGS) is an engineering, technology, and security firm dedicated to supporting government programs and national security initiatives. They are seeking a Vulnerability Analyst to conduct assessments of systems and networks, identify vulnerabilities, and recommend mitigation strategies while collaborating with IT and development teams.

Responsibilities

Possess a working level expertise with the National Institute of Standards and Technologies (NIST) Cybersecurity Framework (CSF) and the NIST 800-53 series of control families and approaches
Using automated tools and manual techniques to Client security weaknesses (i.e. Tenable Security Center, Nucleus Security, etc...)
Conducting regular scans and assessments of systems, applications, and networks to identify potential vulnerabilities
Analyzing the identified vulnerabilities to determine their potential impact on the organization
Prioritizing vulnerabilities based on their severity and the risk they pose to the organization
Performing routine assignment of tickets to IT and other teams to address vulnerabilities as part of a 'cyber hygiene' process
Recommending mitigation strategies to address identified vulnerabilities
Working with IT and development teams to apply patches, configure systems securely, and implement other remediation measures. This position is not expected to perform patching activities
Creating detailed reports on the findings of vulnerability assessments and risk analyses
Documenting the status of vulnerabilities and the actions taken to mitigate them
Communicating the results of vulnerability assessments, risk analyses, and other cyber hygiene work to stakeholders, including management and technical teams
Staying up to date with the latest cybersecurity threats, vulnerabilities, and best practices
Continuously improving the organization's vulnerability management processes and tools
Attend online/Teams meetings with team and others as appropriate
Work with team to provide status on current task, suggest improvements, discuss implementation, etc

Skills

Practical experience in conducting vulnerability assessments and/or penetration tests
Experience in system and network administration
Familiarity with security concerns and vulnerabilities common in an enterprise environment, including application development, IT/OT environments, virtualization, containers, etc
Staying up to date with the latest cybersecurity threats, vulnerabilities, and best practices
Strong analytical and problem-solving skills to identify and assess vulnerabilities
Meticulous attention to detail to ensure thorough assessments and accurate reporting
Excellent written and verbal communication skills to effectively convey findings and recommendations to technical and non-technical stakeholders
Ability to work collaboratively with other cybersecurity professionals, IT staff, and external vendors
Considerable knowledge/experience of assessing security controls
Experience and skill in conducting audits or reviews of technical systems
Experience working in a government environment
Experience working in a distributed IT environment
Ability to obtain HSPD-12 card for use in two-factor authentication
Able to work both independently and as a contributing member of a small technical team
Able to disseminate knowledge to current staff
Must be a U.S. citizen
Successful drug screening
Proficiency in using vulnerability scanning tools such as Tenable, Nessus, Qualys, OpenVAS, and Nexpose
Familiarity with penetration testing tools like Metasploit, Burp Suite, and Nmap
Strong knowledge of various operating systems, including Windows, Linux, and macOS
Understanding of system administration and security configurations
In-depth understanding of network protocols, architecture, and security
Experience with network scanning and monitoring tools
Ability to write scripts in languages such as Python, Bash, or PowerShell to automate tasks and analyze data
Basic programming skills to understand and analyze code for vulnerabilities
Familiarity with cybersecurity frameworks and standards such as NIST, ISO 27001, CIS Controls, and OWASP
Understanding of the Cybersecurity Framework (CSF) and NIST 800-53 controls

Benefits

Health
Dental
Vision
Life Insurance
Paid Vacation
401K
Long and Short-Term Disability

Company Overview

Boston Government Services, LLC (BGS) is an engineering, technology, and security firm providing mission-focused solutions for the clean energy, nuclear, and federal programs markets. It was founded in 2007, and is headquartered in Oak Ridge, Tennessee, USA, with a workforce of 201-500 employees. Its website is https://www.bgs-llc.com/.

Apply To This Job

Apply

[Remote] Vulnerability Analyst

Further positions

[Remote] Direct Sales Representative (Remote + Central Time Only)

[Remote] Corporate Account Executive - Nevada

[Remote] Director, Injection Sales (Western US)

[Remote] Access Supervisor, Inside Sales (Remote)

[Remote] Senior Site Reliability Engineer

[Remote] Inside Sales Representative - Retirement

[Remote] Senior Software Engineer

[Remote] Senior Software Engineer, Big Data

[Remote] DevOps Engineer III

[Remote] Tooling Design Engineer

Maintenence Control Center Supervisor

Experienced Online Web Chat Manager – Customer Service and Digital Engagement Expert

Experienced Full Stack Customer Support Specialist – Live Chat & Remote Work Opportunities

Presenter [Native Arabic speakers with English fluency]

Experienced Health & Benefits Customer Service Representative / Support Specialist (Remote) - Join arenaflex's Mission to Simplify Healthcare and Wealth

Staff Product Designer (Multiple Roles, Multiple Teams)

Sr Director, Product Marketing

CRM and Outbound Systems Architect - Contract

Senior Automation Solutions Engineer – Global Supply Chain & Retail Innovation – $30/Hour – arenaflex

Beginner Level Virtual Customer Service Representative