DCO Analyst (Vulnerability Scanning)

About the Organization Now is a great time to join Redhorse Corporation. Redhorse specializes in developing and implementing creative strategies and solutions with private, state, and federal customers in the areas of cultural and environmental resources services, climate and energy change, information technology, and intelligence services. We are hiring creative, motivated, and talented people with a passion for doing what's right, what's smart, and what works.Position Description Redhorse is seeking a DCO Analyst (Vulnerability Scanning) to support GISA in Wiesbaden, GE. The successful candidate will have familiarity with relevant regulations and compliance standards, particularly those pertaining to vulnerability scanning in the Army and IC environment with expert knowledge of the DISA ACAS Best Practice Guide.

Primary Duties and Responsibilities for this position include:

• Perform regular vulnerability assessments and scanning of network, systems, and applications on both on premise and cloud environment to identify security weaknesses and potential threats using Tenable Nessus.
• Analyze the results of vulnerability scans to determine the level of risk associated with identified vulnerabilities.
• Collaborate with IT and security teams to develop plans for mitigating or remediating vulnerabilities, which may include patch management, configuration changes, or other security measures.
• Manage and maintain vulnerability scanning tools and software, ensuring they are up-to-date and effective in identifying vulnerabilities.
• Participate in or support incident response activities by providing expertise in vulnerability-related issues during security incidents.
• Create detailed reports on vulnerability scan results, risk assessments, and mitigation progress to share with relevant stakeholders, including management and regulatory bodies.
• Ensure compliance with industry standards and regulations related to vulnerability scanning and reporting, such as DOD, Army and Intelligence Community (IC) task orders, bulletins, National Security Memorandums (NSM) and the ACAS DISA Best Practice Guide.
• Educate and train ISSO and ISSM personal across the Army Intelligence Enterprise (AIE) on the importance of vulnerability scanning and security best practices.
• Continuously monitor systems and networks for emerging threats and vulnerabilities, adapting scanning and assessment processes as needed to remain complaint with Army and IC regulations.
• Stay current with the latest cybersecurity threats and technologies, contributing to the development of improved vulnerability scanning methodologies and tools.
• Familiarity with relevant regulations and compliance standards, particularly those pertaining to vulnerability scanning in the Army and IC environment with expert knowledge of the DISA ACAS Best Practice Guide.

Minimum Basic Requirements for Skills, Experience, and Credentials include:

• Active TS security clearance and eligible for SCI and NATO read-on prior to starting work
• A bachelor's degree in computer science, information technology, cybersecurity, or a related field.
• Meet the DoD requirements for a privileged user on a TS/SCI information system prior to starting work - DoD 8140 / 8570.01-m requirements.
• Industry certifications such as Certified Information Systems Security  Professional (CISSP), Certified Information Security Manager (CISM), or Certified Ethical Hacker (CEH).
• Proficiency in vulnerability scanning and cyber tools such as Nessus, Splunk, network analyzers, Big Data Platform and analytics, as well as knowledge of related tools and technologies.
• Strong understanding of cybersecurity principles, threat landscape, and common vulnerabilities and exposures (CVEs).
• The ability to analyze and interpret vulnerability scan results and make informed decisions regarding risk and remediation.
• Strong written and verbal communication skills for creating reports, conveying information to non-technical stakeholders, and collaborating with other teams.
• The capability to identify and resolve security issues efficiently.
• Thoroughness in scanning, analyzing, and documenting vulnerabilities and their potential impact.
• Collaboration and teamwork skills, work closely with IT and security teams to address vulnerabilities and security controls.

Equal Opportunity Employer/Veterans/Disabled  Accommodations:If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to access job openings or apply for a job on this site as a result of your disability. You can request reasonable accommodations by contacting Talent Acquisition at [email protected] Redhorse Corporation shall, in its discretion, modify or adjust the position to meet Redhorse’s changing needs.This job description is not a contract and may be adjusted as deemed appropriate in Redhorse’s sole discretion.