Vulnerability Assessment Team Lead

Vulnerability Assessment Team (VAT) Analyst Lead - Tyto Athene, LLC

Tyto Athene is searching for a Vulnerability Assessment Team (VAT) Analyst Lead to support a law enforcement customer in Ashburn, VA. In this role you will work closely with threat hunters, threat analysts, and an established SOC—playing a critical part in identifying, assessing, and mitigating vulnerabilities as we hunt down and defend against the most advanced global threats.

• Lead enterprise vulnerability assessment efforts and security testing activities.
• Perform vulnerability scanning and analysis across complex networks and systems.
• Provide clear, actionable remediation guidance and track remediation efforts to completion.
• Support the development, implementation, and maintenance of enterprise vulnerability management services and processes.
• Operate, configure, and optimize agency tools and technologies used for vulnerability testing, scanning, and threat identification.
• Review and update vulnerability management plans, policies, and documentation.
• Coordinate scanning schedules, scope, and requirements with stakeholders and system owners.
• Review, analyze, validate, and report vulnerability scan results and findings.
• Maintain a repository of vulnerability assessment tool and application issues; report issues to the Government VAT Team Lead and SSD Director.
• Apply Information Systems Security principles and relevant security methodologies across the vulnerability lifecycle.
• Assist with Application Security efforts, including secure configuration and vulnerability testing.
• Leverage understanding of Firewall Management and Advanced Threat Protection solutions.
• Apply expertise related to Access Control, Authorization, IDS/IPS, and protocol analysis.
• Ensure proper handling of sensitive and classified information protocol requirements.
• Ensure compliance with FISMA, NIST, and Risk Management Framework (RMF) standards.

• Minimum 5 years of experience performing enterprise vulnerability assessments.
• Strong background analyzing vulnerabilities and providing remediation instructions.
• Experience operating vulnerability scanning platforms and assessment tools.
• Knowledge of Application Security concepts and secure system implementation.
• Understanding of Firewall Management, ATP tools, access control, IDS/IPS, and protocol analysis.
• Familiarity with classified information handling requirements.
• Experience working in compliance-driven environments (FISMA, RMF, NIST).
• Strong analytical, communication, and reporting skills.
• CISSP - Certified Information Systems Security Professional
• Certified Ethical Hacker (CEH) or one of the following:
  DoD 8570 IAT Level II or IAM Level I or CSSP Analyst / Incident Responder
• GCFA - GIAC Certified Forensic Analyst
• GCFE - GIAC Certified Forensic Examiner
• GNFA - GIAC Network Forensic Analyst

• Ashburn, VA

• TS/SCI Clearance required

• Mid-Senior level

• Full-time

• Information Technology
• IT Services and IT Consulting and Computer and Network Security