IT Security Consultant
Washington, DC 20001
The main focus of this role is to work within the Security Team to monitor IT system and application vulnerability
Duties will include:
- Perform vulnerability assessments of all network systems including scanning and analysis of the target networks.
- Perform security assessments of new and existing applications by performing periodic scans.
- Research platform-specific disclosed vulnerabilities and analyze the impact to the enterprise.
- Create documentation on specific remediation steps to close vulnerabilities or mitigate risk to acceptable levels.
- Manage and maintain assessment platforms.
- Provide customer with feedback
- Bachelor's Degree in Computer Science
- 5+ years of experience in the field of IT security
- 3-5 years demonstrated operational implementation and use of Nexpose, Nessus, Qualys or similar scanning tools.
- Understanding of patch management tools for Windows and Unix environments.
- Familiarity with OWASP and NIST standards for application and network assessments.
- Knowledge of open source packages such as Kali Linux or Metasploit
- Scripting knowledge (Python, shell scripting, Java script).
- Demonstrated understanding of software development life-cycle and secure coding techniques.
- Knowledge of IT security architecture and design (firewalls, Intrusion Detection Systems, Virtual Private Networking, and virus/malware protection technologies -- behavioral based a plus).
- Knowledge of Windows and Unix operating systems.
Nice to have:
- Security+ Certification, CEH or other security certifications
- Basic programming experience
- Tool specific certification (Rapid7, Nessus, Fortify, WSUS, BF, SCCM, Heat, Satellite)
IT Security Consultant - 18608