Why Work at SI?
Secure Innovations (SI)
successfully and continuously strives to become experts in the Cybersecurity field by only focusing on Cyber! Because of this, we proudly stand behind our motto, "We're Not Standard Cyber. We're the Cyber Standard."
SI was built on the principle that people matter first and foremost. Our focus is on PEOPLE - our employees and our customers. SI believes in providing a strong work/life balance by investing in our employees and encouraging professional and personal growth. We do this by offering exceptional benefits, flexible schedules, and the tools necessary to achieve success through paid training, mentoring, and the opportunity to work alongside top-notch security professionals.
Researches estimates of risks associated with technologies and discovered threats, enabling organization to assess the resources needed to respond effectively. Follows systematic process to assess the ability of systems and networks to withstand exploitation by adversaries. Evaluates system threats and vulnerabilities, identifies deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and recommends appropriate mitigation countermeasures in all situations. Assesses systems security posture to maintain acceptable risk. May perform technical tests, network scans, vulnerability scans to evaluate the effectiveness of systems, devices, procedures, and methods used to safeguard information in computer accessible media.
Education & Clearance Requirements:
- BS Degree & 12 years of experience
- Secret Clearance
- CISSP (IAT Certified Level III)
- Perform scans to identify vulnerabilities or confirm compliance to security standards
- Maintain patch and vulnerability management practices to protect against the exploitation of critical vulnerabilities
- Apply knowledge of operating systems, applications, and database vulnerability assessments (to include system configuration checks) on various Information Systems
- Interpret vulnerability assessment results and report findings to senior EVM staff as well as recommendations for remediation
- Conduct research on current vulnerabilities and exploits using publicly available, trusted resources and other finished vulnerability products
- Implement and utilize a combination of automated tools and manual checks to identify and validate vulnerabilities
- Conduct vulnerability scans and assessments at the network, operating system, database, and application levels
- Perform vulnerability scanning and analysis to eliminate false positives and to aggregate findings by specific best practice criteria
- Validates the vulnerabilities identified against the NIST Framework, National Vulnerability Database (NVD), MITRE ATTACK and Security Best Practice standards such as DISA STIGS, CIS Benchmarks and vendor hardening standards
- Provide recommendations for remediation and collecting evidence to verify the vulnerability no longer exists
- Provide reporting on status on as directed schedule.
- Applicant must be a United States Citizen with the ability to obtain a government clearance
- Background in Windows/Unix system administration, security technologies, and network architectures
- Experience with vulnerability management tools such as Nessus, Security Center, etc.
- Experience developing PowerShell scripts or automation
- Experience with patch management tools - SCCM, Satellite
- Knowledge of security assessment methods and risk management process