Sr. Security IT Enterprise Threat & Vulnerability Management Specialist

Washington, District Of Columbia
Aug 23, 2022
Sep 24, 2022
Full Time

The Security IT Enterprise Threat & Vulnerability Management Specialist shall support the ACIO/CS Office's testing and implementation of security measures impacting initiatives across the enterprise thorough understanding of complex IT systems and knowledge of the latest security standards, systems, and authentication protocols, as well as best practices.

  • Provide functional and technical expertise in Risk Management Policy Frameworks to provide recommendations to mitigate vulnerabilities and known attack paths.
  • Decipher Common Vulnerabilities and Exposure (CVEs) to understand how vulnerabilities may be exploited and the potential impact they may have on confidentiality, integrity, and availability.
  • Take technical vulnerability information and prepare advisories and memos for larger technical and non-technical audiences.
  • Apply fundamental knowledge of Security Principals to help with determining the best course of action against vulnerabilities.
  • Research web and open-source channels for vulnerabilities, and record those into an aggregated log.
  • Participate and provide recommendations in the maturation of the program.
  • Provide support for various data calls. Support includes gathering various levels of information and developing reports.
  • Perform ongoing updates to operational documentation as required to ensure compliance with applicable policies and directives, and to reflect the operational environment.
  • Prepare Deliverables, including Progress, Status, and Management Reports in accordance with the Contract Data Requirements/Deliverables List.
  • Support any Treasury Threat and Vulnerability activities as a result of Executive Orders, Executive Directives, DHS binding Operational Directives, and/or any other cyber policy requirements impacting the Treasury Threat and Vulnerability Program.
  • Facilitate IT security/risk training curriculum.
  • Serve as project manager/lead within IT security projects.
  • Address questions from internal and external audits and examinations.
  • Assist in the creation of Standard operating procedures, operational procedures, and documentation as the program matures and develops.
  • Assist in conducting/presenting monthly Cyber Sub Committee (CSS) Slides and other briefings for an executive overview of vulnerabilities.
  • Assist in maintaining SharePoint and Teams (future state) environment to ensure all documents are up-to-date and organized.
  • Complete annual company and customer required training, as required.
  • Complete timesheet daily in an online system according to company policies and procedures.
  • Other duties as assigned.

  • Bachelor's Degree (Masters preferred)
  • Must have 5+ years of senior-level technical expertise with specialized experience in cybersecurity and interoperability for complex hardware, software, and automated information systems.
  • Must be a U.S. Citizen or Lawful Permanent Resident Alien with at least three or more years of U.S. residency from the legal entry date into the United States.
  • Must have the ability to obtain and maintain a favorable Department of Treasury background investigation, for the life cycle of the project.
  • The position requires a COVID vaccination or an approved accommodation/exemption for a disability/medical condition or religious belief.

Knowledge, Skills and Abilities:
  • Must have knowledge, skills, and abilities in one or more of the following Cybersecurity Concepts, Architecture Principles, Security of Networks, Applications and Data, Security Implications, and Adoption of Evolving Cyber Technology.
  • Possess in-depth knowledge of cybersecurity architecture.
  • Must have experience in the subject matter at a similar size, scope, and complexity as required by this Task Order.
  • Experience managing Cyber Vulnerability and Threat information on an HQ level.
  • Position requires senior level technical expertise with specialized experience in cybersecurity and interoperability for complex hardware, software, and automated information systems.
  • Possess in-depth knowledge of cybersecurity architecture.
  • Ability to capture high-level technical information in a clear, concise manner.
  • Possess strong communication and organization skills.
  • Be a highly motivated, independent thinker and team player, with a sense of urgency, and the ability to meet management and customer deadlines in a fast-paced environment.
  • Must have the ability to take and pass a drug test (The Department may require drug screening for probable cause at any time).
  • Must have the ability to attend all customer in-person meetings and conferences as requested.
  • Ability to multi-task in a high-stress, performance-based environment.
  • Ability to establish priorities and meet established deadlines.
  • Ability to travel up to 10% as required.
  • Posses strong problem solving and leadership skills.
  • Maintain a high level of integrity and accountability.

#Chenega Analytic Business Solutions, LLC

Chenega Corporation and family of companies is an EOE.

Equal Opportunity Employer/Veterans/Disabled

Native preference under PL 93-638.

We participate in the E-Verify Employment Verification Program

Similar jobs