Lead Enterprise Scanning Engineer Security Clearance

Position: Lead Enterprise Scanning Engineer with Security Clearance
About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace.

The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees solve the most daunting challenges that our customers face. Visit  to learn how we're keeping people around the world safe and secure. Program Overview Encompasses technical, engineering, data analytics, cyber security, management, operational, logistical, and administrative support for Bureau of Diplomatic Security, Cyber and Technology Security Directorate in three key offices/functional areas:
Cyber Monitoring and Operations, Cyber Threat and Investigations, and Technology Innovation and Engineering State. About

The Role Peraton is currently seeking an experienced Lead Enterprise Scanning Engineer to become part of our Federal Strategic Cyber Group.

Location:

Beltsville, MD. On-Site;
Full-time. Role

Description:

Leadership and Team Management:
* Lead a team of Enterprise Scanning Engineers responsible for vulnerability, compliance, web application, and database scanning.

* Mentor and provide guidance to team members, fostering a collaborative and growth-oriented environment.

Strategic Planning and Execution:
* Develop and implement a comprehensive enterprise scanning strategy to ensure timely identification, assessment, and remediation of vulnerabilities across the Department's systems and networks.

* Oversee the execution of enterprise-wide operating system and application compliance verification, on-site security assessments, web, and database vulnerability scanning, and scanning of other IT assets.

* Monitor emerging security threats and vulnerabilities and develop appropriate mitigation strategies in collaboration with relevant stakeholders.

Reporting and Communication:
* Prepare and present regular reports on the effectiveness of the Department's security policies, the potential impact of new vulnerabilities upon discovery, and the effectiveness of measures taken to eliminate them.

* Communicate effectively with various stakeholders, including system owners, administrators, and management, to ensure timely remediation of identified vulnerabilities and compliance issues.

Vulnerability Scanning:
* Perform regular vulnerability scans across the Department's systems and networks, identifying deviations from acceptable configurations and standards.

* Evaluate and prioritize identified vulnerabilities based on potential impact and risk and recommend remediation strategies and solutions.

* Collaborate with system owners and administrators to address identified vulnerabilities and ensure timely remediation.

Compliance Scanning:
* Execute enterprise-wide operating system and application compliance verification, assessing adherence to established security policies and best practices.

* Develop security baseline configuration compliance and vulnerability scan policies for Department-hosted operating system platforms (e.g., Windows, UNIX, Linux, Cisco, Juniper, etc.).

* Prepare audit reports identifying technical and procedural findings, providing recommended remediation strategies and solutions.

Web Application Scanning:
* Conduct web application vulnerability scanning to identify potential security risks and weaknesses in web applications and services.

* Collaborate with web developers and application owners to address identified vulnerabilities and ensure the implementation of secure coding practices.

* Monitor emerging web application vulnerabilities and threats and recommend appropriate mitigation strategies.

Database Scanning:
* Perform database vulnerability scanning to identify potential security risks and weaknesses in database management systems and configurations.

* Collaborate with database administrators to address identified vulnerabilities and ensure the implementation of secure database practices.

* Monitor emerging database vulnerabilities and threats and recommend appropriate mitigation strategies.

Additional Responsibilities:
* Establish a queue management function to meet the Department's vulnerability management support service needs.

* Track and report on service request metrics, such as ticket volume, ticket volume by category, response time, and resolution time by category.

* Analyze the organization's cyber defense policies and configurations, evaluating compliance with regulations and organizational directives.

* Maintain a list and schedule of all Information Systems (IS) requiring Enterprise Scanning (ES) assessments to support continuous monitoring…