Cyber Command Vulnerability Management Specialist

Job Description

Job DescriptionJob Title: Cyber Command Vulnerability Management Specialist

Pay Rate: $55 to $60 per hour

Location: Brooklyn, NY

Schedule: Hybrid, Full-Time

Job Summary:


The Cyber Command Threat Management division within OTI is seeking a Vulnerability Management Specialist to serve as a subject matter expert in vulnerability management.

Key Responsibilities:

1. Research and analyze CVEs, CVSS, vector strings, NVD, Mitre, and attack vectors.
   
   
2. Brief management and team members on risk assessments and mitigation strategies.
   
   
3. Design, architect, and build Rapid7 vulnerability scanning infrastructure.
   
   
4. Manage and configure vulnerability scans in Rapid7 across various networks.
   
   
5. Conduct vulnerability analysis using Rapid7 dashboards and industry data.
   
   
6. Evaluate vulnerabilities, assess risk, and develop mitigation strategies.
   
   
7. Present technical briefings to internal teams and external stakeholders.
   
   
8. Create and utilize scripts (Python, PowerShell, etc.) to automate scanning tasks.
   
   
9. Automate detection, reporting, and tracking of identified vulnerabilities.
   
   
10. Generate detailed analysis and reports using Rapid7, Excel, and PowerPoint.
    
    
11. Travel within NYC for project-related work when required.
    
    

Mandatory Skills & Experience:

1. Minimum 8 years of experience in Cybersecurity with a focus on vulnerability management.
   
   
2. Strong knowledge of CVEs, CVSS, vector strings, NVD, Mitre, and attack vectors.
   
   
3. Proven experience in the design and execution of Rapid7 vulnerability scans.
   
   
4. Ability to analyze scan results, assess risk, and recommend mitigation.
   
   
5. Experience in developing and implementing remediation strategies.
   
   
6. Skilled in conducting cybersecurity intel research and reporting findings.
   
   
7. Advanced scripting skills in Python, PowerShell, or similar tools.
   
   
8. Expertise in Microsoft Excel, particularly VLookup and Pivot Tables.
   
   

Desirable Skills & Experience:

1. Ability to present vulnerability risk reports to technical and non-technical audiences.
   
   
2. Familiarity with current cyber threat landscape, tactics, and techniques.
   
   
3. Experience working with agencies to promote Cyber Command initiatives.
   
   
4. Proficiency in Tableau for reporting and analytics.
   
   
5. Knowledge of network security technologies: firewalls, IDS, DNS, VPN, proxies, etc.
   
   
6. Experience across multiple platforms: Windows, Linux, VMWare, Cisco IOS, Mobile OS.
   
   
7. Understanding of encryption, encoding, hashing, and public-key cryptography.
   
   
8. Familiarity with security frameworks and best practices: NIST, CIS, Microsoft, Palo Alto, etc.
   
   
9. Experience analyzing and developing cybersecurity documentation.
   
   
10. Strong background with Windows and Linux servers.
    
    
11. Excellent written and oral communication skills.
    
    
12. Strong organizational and analytical skills.
    
    
13. Relevant certifications such as CISSP, GSEC, GCIA, GCIH, CEH, CWAPT.