- Baylor Scott & White Health (Annapolis, MD)
- …and maintain security controls to protect payment card data. + Conduct vulnerability scans, penetration testing, and security monitoring activities. + Analyze system ... and network configurations to identify compliance gaps and security risks. + Provide technical guidance on PCI DSS remediation efforts, working closely with IT and security teams. + Develop and maintain security policies, procedures, and documentation related… more
- ManTech (Annapolis Junction, MD)
- …System Security Plans (SSPs) for both new and existing systems + Analyze vulnerability scan results and collaborate with system owners to implement remediation + ... Leverage sponsor tools such as Gatekeeper, Xacta, SEAR, and LatteArt in daily operations **Minimum Qualifications:** + Bachelor's degree with 10+ years of relevant ISSO experience OR 4 additional years of related experience as an ISSO might be substituted for… more
- Leidos (Fort Meade, MD)
- …they meet requirements for processing classified information and perform vulnerability /risk assessments to support certification and accreditation. + Provide ... configuration management for information system security software, hardware, and firmware, and manage changes to systems, assessing their security impact. + Prepare and review security documentation, including System Security Plans (SSPs) and Assessment and… more
- Leidos (Odenton, MD)
- …logistics, test plans, and scope with the SCA Team Lead. + Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document ... findings in eMASS. + Analyze security gaps and provide mitigation recommendations. + Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines. + Provide risk analysis and assessment results for authorization… more
- CACI International (Annapolis Junction, MD)
- …the security posture of our systems and networks. **Key Responsibilities:** + Perform vulnerability and penetration testing using a wide variety of tools + Research ... and evaluate emerging technologies relevant to information systems security; interpret agency specific and federal security regulations + Perform both network and application-level testing using established testing protocols and methods **Qualifications:**… more
- CACI International (Annapolis Junction, MD)
- …will play a critical role in identifying non-compliance, conducting vulnerability assessments, and coordinating penetration testing, while providing valuable process ... improvements and developing standards and guidelines for security controls. **Key Responsibilities:** + Analyze design specifications, design documentation, configuration practices and procedures, and operational practices and procedure + Conduct on-site… more
- TekSynap (Rockville, MD)
- …7 Application Firewalls), proxy servers, DLP, antivirus/endpointprotection software, and vulnerability scanner elements + Tune the SIEM and IDS/Intrusion Prevention ... System (IPS) events to minimize false positives + Enroll NRC network and systems information into the SIEM tool, using information from theVulnerability and Compliance Scanning System (VCSS) and input from ISSOs, and perform assetcategorization and… more
- Datavant (Annapolis, MD)
- …security-related requests, including (but not limited to) architectural feedback, vulnerability remediation, compliance control implementation, etc. + Be fearless in ... security control descriptions and writing process related elements down. The processes you build are not a castle of tone deaf documentation but a method of enabling development teams to move faster with more clarity. + Review application projects our… more
- Northrop Grumman (Linthicum Heights, MD)
- …image creation, deployment, and underlying infrastructure. + Experience deploying vulnerability scanning tools and remediation. + Experience deploying and managing ... Linux systems (preferably Red Hat) in both a domain-joined and non-domain-joined environment. + Experience managing SELinux and FAPolicy on Linux systems. + Experience Supporting license managers. + Experience giving technical presentations to technical and… more
- Amentum (Fort Meade, MD)
- …security assessments of computing environments to identify points of vulnerability , non-compliance with established Information Assurance (IA) standards and ... regulations, and recommend mitigation strategies. + Validates and verifies system security requirements definitions and analysis and establishes system security designs. + Designs, develops, implements and/or integrates IA and security systems and system… more