"Alerted.org

UNIVERSAL Technologies is seeking a Cybersecurity Vulnerability Management Specialist for a long-term engagement supporting cyber threat management initiatives. This is a Hybrid role – must be able to work on-site 3 days a week in Brooklyn, NY. The selected candidate will serve as a subject matter expert in vulnerability management, specifically using Rapid7, and will be responsible for identifying, analyzing, and mitigating vulnerabilities across enterprise environments. This is a technical, hands-on role requiring at least 8 years of Cybersecurity experience, scripting abilities, and experience automating vulnerability tasks.

WHO WE ARE:

UNIVERSAL Technologies, LLC is a Women-Owned (M/WBE) IT solutions and consulting company focused on delivering enterprise systems that significantly improve our clients' IT performance. We work across the IT spectrum including Development, Business/Systems/Data Analysis, Project Management, Cyber Security, Network Engineering, and High-Level System Architecture.

We empower skilled professionals to make a meaningful impact through mission-driven projects that shape how public services are delivered.

WHAT WE OFFER:

Our W2 employees can expect the following benefits:

+ Competitive pay

+ Health/Dental Insurance

+ Group Life Insurance

+ 401K

+ HSA/FSA

+ Pre-Tax Transportation Program

+ Generous Paid Time Off/Holiday Policy

MANDATORY SKILLS/EXPERIENCE:

Candidates who do not meet the following requirements will not be considered.

+ Minimum 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, and vulnerability intel analysis

+ Expertise in CVE’s, CVSS, Vector Strings, NVD, Mitre, attack vectors, and mitigation strategies

+ Strong hands-on experience designing, architecting, and building Rapid7 vulnerability management scanning infrastructure and tools

+ Proven experience conducting and configuring Rapid7 vulnerability scans across various networks

+ Experience analyzing Rapid7 scan results using dashboards and reports to prioritize risk

+ Skilled in evaluating vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation

+ Experience performing technical briefings on CVE research, vendor vulnerabilities, and threat assessments

+ Proficiency in scripting using Python and PowerShell to automate vulnerability management tasks

+ Strong Excel skills, including VLOOKUP and Pivot Tables for data analysis

+ Ability to deliver written and oral reports on vulnerability risks to internal teams and agency stakeholders

+ Familiarity with evaluating current threat landscapes including tactics, techniques, and procedures

+ Experience advising agencies on cybersecurity posture, risk reduction, and scan performance issues

+ Experience using Tableau for reporting and analysis

+ Background in networking and cybersecurity technologies such as firewalls, IDS/IPS, DMZ, VPN, DNS, and proxies

+ Working knowledge of security best practices across Microsoft Windows, Linux, VMware, Cisco IOS, Android/iOS

+ Understanding of public-key cryptography, encryption, encoding, and hashing methods

+ Familiarity with security frameworks and best practices (e.g., NIST, CIS, Palo Alto, Fortinet, Microsoft, Unix/Linux)

+ Ability to interpret cybersecurity documentation including security policies and procedures

+ Hands-on experience with Windows and Linux server environments

+ Strong written and verbal communication skills

+ Highly organized with exceptional analytical capabilities

+ Relevant certifications such as CISSP, GSEC, GCIA, GCIH, CEH, CWAPT

SCOPE OF SERVICES:

+ Serve as subject matter expert for vulnerability management across enterprise systems

+ Research, analyze, and brief stakeholders on CVEs, attack vectors, and industry mitigations

+ Design, build, and manage Rapid7 scanning infrastructure and tools

+ Configure and conduct vulnerability scans across multiple networks

+ Analyze scan results and generate dashboards to assess and prioritize risk

+ Develop remediation strategies and oversee implementation

+ Present technical briefings on risk, vendor vulnerabilities, and threat trends

+ Create scripts (Python, PowerShell) to automate vulnerability detection, tracking, and reporting

+ Develop comprehensive reports using Rapid7, Excel, PowerPoint, and custom scripting

+ Travel within NYC as needed to support various cybersecurity initiatives

UNIVERSAL Technologies is an Equal Opportunity Employer.