Vulnerability Scanning Engineer (Operations Team Lead)-Secret Clearance

Vulnerability Scanning Operations Team Lead
Opportunity Details:
This person will work onsite at our customer location in Rosslyn VA. This position supports continuous network vulnerability and compliance scanning supporting the Bureau of Diplomatic Security for the Department of State. Team duties include, but are not limited to , conducting compliance and vulnerability scans on workstations, servers, databases, web servers and DMZ assets as well as reporting metrics, generating contract required deliverables, researching cyber security issues, and providing customer service. The Evaluation & Verification (E&V) Scanning team is responsible for weekly vulnerability and compliance reporting on over 110,000 assets across 300 foreign posts and hundreds of domestic locations.
Position Overview:
The Vulnerability Scanning Operations Team Lead is responsible for managing daily operations for the E&V Scanning Team. The operations team focuses on maintenance and performance of scanning tools and customer service on all scanning related issues. The successful candidate is expected to mentor junior members of the team, provide a strong technical presence, manage daily tasks and supervise customer care.
Position Responsibilities:
Lead a team of six cybersecurity specialists tasked with daily operation of compliance and vulnerability scanning for the enterprise. Provide mentoring and guidance to operations engineers and analysts.
Monitor team mailbox and Remedy ticketing system to ensure proper process flow, top tier customer care and compliance with service level agreements.
Responsible for implementing and maintaining vulnerability (McAfee Vulnerability Manager) and compliance (McAfee ePolicy Orchestrator/Policy Auditor) scanning tools.
Understanding and maintenance of SCAP content utilized by Policy Auditor for security compliance scanning.
Manage personnel to meet customer demand for ad hoc and local on-site A&A scans.
Perform and post results of bi-weekly and on demand vulnerability assessments
Provide incident reporting and response capability
Ensure data flows are maintained between internal tools and enterprise wide reporting dashboard
Interface with vendor support teams to keep abreast of developments in product lines.
Create, compile, and maintain working and SOP documents for specific E&V enterprise products and tools.
Candidate will be responsible for personnel actions including hiring, onboarding and training and ongoing personnel management.
Provide feedback on proposed solutions from both a technical and managerial perspective. Candidate must be able to balance the technical and managerial roles.
8 or more years of experience in an information technology or cybersecurity field....BS Preferred
Certifications : Security+, CISSP, CEH or GCIA all preferred, but not required.
Experience :
Previous experience with continuous monitoring and vulnerability scanning in an enterprise environment
Experience in a team leadership role
Experience in training and mentoring colleagues
Technical knowledge of information technology and cyber security standards and issues is required for this position
Problem solving and attention to detail
Effective written and verbal communication skills
Persistent and polite follow-up with clients in order to maintain project schedule
Vulnerability Scanning tools and concepts.
The CVE (Common Vulnerabilities and Exposures) standard
Knowledge and ability to assess NIST Special Publication 800-53
Center for Strategic and International Studies: Twenty Critical Controls for Effective Cyber Defense
The IT Security Functional Requirements, outlined in the protection profile for databases by NIAP CCEVS (
Windows Operating Systems & Common Technologies (Windows Server 2008 R2, Windows Server 2012, Windows 7, Windows 8.1, MS SQL, Active Directory, Powershell)
Understanding of the core concepts, architecture, and use of industry standard relational databases (MS SQL and Oracle)
Tools : McAfee Vulnerability Manager (MVM), McAfee ePolicy Orchestrator (ePO), McAfee Host Intrusion Prevention System (HIPS), McAfee Vulnerability Manager for Databases (formerly Centrigo), McAfee Policy Auditor, McAfee Web Application Assessment Module (WAAM).
Are you a returning applicant?Previous Applicants:Email:Password:
If you do not remember your password click here.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Hampton, VA CACI International
Network Services Security Operations Team Lead
Richmond, VA Bank of America Corporation
364219BR - Project Engineer Sr - Chesapeake, V...
Chesapeake, VA Leidos
PTL Technical Operations Team Lead
Arlington, VA Olgoonik Development
NETWORK ENGINEER, LEAD / Network Specialist Se...
Hampton, VA CACI International