Job ID: VA-795168 (910090210)
Remote/Local (Richmond ONLY) Security Analyst/Engineer (C2H/Security+/CCFA/Tenable) with EDR/Vulnerability Management System admin experience
Location: Richmond VA (VITA)
Duration: 12 Months
Role is 100% remote however if selected candidates will be required to attend monthly meetings onsite in Richmond. For this reason, the preference is for local Richmond candidates.
Skills:
Administer and Maintain EDR Tools Required 4 Years
Administer and Maintain Vulnerability Management System Required 4 Years
Experience in information security, with a focus on security technologies. Required
Excellent verbal and written communication skills; ability to convey complex security concepts in a clear and relatable manner. Required
Ability to work independently and as part of a team. Highly desired
Excellent organizational skills and attention to detail. Highly desired
Relevant certifications preferred. Highly desired
Job Description:
Pls note: TWO ROLES .Although there are two roles, I am asking that you send only your TOP TWO candidates (vs 4) to avoid getting too many duplications. Any candidates after your initial two may be rejected. Choose and submit only your TOP TWO!
*This role has the POTENTIAL to go perm after 6 mo. For this reason candidates must be able to be considered (by the agency) and not need sponsorship. US Citizen or Green Card holders only (no EADS). The contractor will still be required to go thru the VITA hiring process if they are interested in being considered for the FTE role with VITA. No guarantees the contractor will be selected for the FTE role.
ABOUT THE ROLE:
We are seeking an experienced Cybersecurity Engineer to support Security Products for Local Governments. The ideal candidate will possess in-depth knowledge of configuring and administering Security Tools and Products.
% Time
Core Responsibilities
Measures for Core Responsibilities
40
Administer and Maintain EDR Tools
Tune detection rules to reduce false positives and improve threat visibility for each covered locality.
Ensure asset inventory is accurate and up to date for each covered locality.
Regularly update the EDR platform and agents to the latest versions.
Review and adjust security policies.
Conduct health checks to ensure the EDR system is functioning properly.
Investigate and remediate unexcepted agent behavior
Ensure that Integrations are working as required and troubleshoot when issues are identified
40
Administer and Maintain Vulnerability Management System
Maintain and update the vulnerability management platform and agents
Conduct health checks to ensure the VMS system is functioning properly.
Tune scan policies to reduce false positives and improve accuracy for each covered locality
Ensure asset inventory is accurate and up to date for each covered locality
Configure and schedule scans for each covered locality.
Investigate and remediate unexpected agent behavior
· Ensure that integrations are working as required and troubleshoot when issues are identified
20
General Support
·Respond to and resolve customer inquiries and issues submitted through the ticketing system and SOC
Maintain and update the Remote Monitoring and Management platform and agents
·Accurately document customer interactions, troubleshooting steps, and resolutions
·Escalate complex or unresolved issues as needed
·Monitor ticket queues to ensure service level agreements (SLAs) are met and follow up with customers as needed
Desired Certifications
·Security+
·CrowdStrike Certified Falcon Administrator (CCFA)
·Tenable Certified
·Additional Cybersecurity Related Certifications