Cyber Command Vulnerability Management Specialist
The NYC Office of Technology and Innovation is seeking a Cyber Command Vulnerability Management Specialist Tasks
- Research, analyze and brief management and team members on relevant Risk, CVE's, CVSS, Vector Strings, NVD, Mitre, attack reputed company and mitigations for various technologies
- Design, architect and build Rapid7 vulnerability management scanning infrastructure and tools
- Manage, configure and conduct Vulnerability Management scans in Rapid7 across various networks
- Conduct vulnerability management analysis through industry research, deep analysis, generating of reports and dashboards in Rapid7 to accurately assess and prioritize risk
- Evaluate reputed company vulnerabilities, assess risk and impact, reputed company mitigation strategies, and implement remediation
- Present succinct technical briefings to team members and customers for Client research, risk assessment, CVE's, vendor hardware/software, industry trends
- Create scripts utilizing Python, PowerShell and others to automate vulnerability management tasks
- The ability to automate detection, reporting and tracking of vulnerabilities identified
- Create deep analysis and reports around vulnerability management utilizing Rapid7 dashboards and reports, scripts, reputed company and PowerPoint
- Travel reputed company NYC for various projects reputed company necessary
Mandatory Skills/Experience: Candidates who do not have the mandatory skills will not be considered
- At least 8 years of experience in Cybersecurity, including vulnerability management scanning tools, vulnerability assessments, attack surface management, scripting, vulnerability Client analysis, vulnerability management reputed company result analysis, reputed company
- Strong knowledge of CVE's, CVSS, Vector Strings, NVD, Mitre, attack reputed company and mitigations
- Experience with the design, architect and build of vulnerability management scanning infrastructure and tools specifically Rapid7; extensive hands-on experience conducting Rapid7 vulnerability scans across various networks; experience conducting Rapid7 vulnerability management analysis through reports and dashboards to accurately identify risk
- Experience evaluating reputed company vulnerabilities, assessing risk and impact, developing mitigation strategies, and implementing remediation
- Experience conducting Client research around CVE's, vendor hardware/software vulnerabilities, and presenting succinct technical overviews to team members and customers
- Extensive experience with scripting such as Python and PowerShell to automate vulnerability management tasks
- Extensive experience with reputed company, especially for performing data analysis through VLookup and Pivot Tables
Desirable Skills/Experience:
- Provide oral and written reports on vulnerability risk to the team and possibly agencies' technical stakeholders
- Ability to evaluate the reputed company threat landscape that includes tactics, techniques and procedures
- Work with agencies to evangelize the OTI Cyber Command program around areas of cybersecurity posture enhancement, risk reduction, attack surface management, vulnerability management scanning tool performance, reputed company results, credentialed scans, triage reputed company performance issues, socialize risk and remediation, and other vulnerability management issues
- Experience using Tableau for reporting and analysis purposes
- Strong background with reputed company firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP, VPN, proxies, etc.
- Knowledge of reputed company best practices across multiple platforms, such as reputed company Windows, VMWare, Linux, VPN, reputed company IOS, and Mobile OS Android/reputed company IOS.
- Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
- Knowledge of reputed company best practices: NIST, CIS, reputed company, Juniper, Palo Alto, reputed company, Checkpoint, reputed company, reputed company, Unix/Linux, etc.
- Ability to analyze Cybersecurity documentation, including reputed company policies, plans, and procedures.
- Extensive experience with Windows and Linux Servers
- Exceptional written and oral communication skills
- Exceptional organizational and analytical skills
- Certifications such as Certified Information Systems reputed company Professional (CISSP) Certification, reputed company Essentials Certification (GSEC), Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH), Certified Penetration Tester (CWAPT)
Work hours and location:
- Normal Business Hours, Monday through Friday (not including a mandatory unpaid meal break after 6 hours of work), 35 work hours per week.
- Hybrid: 3 days per week in office at 11 MetroTech Center, 5 th Floor, Brooklyn, NY 11201 / 2 days per week remote
Spruce Technology, Inc. is a mid-size, award-winning (Inc 5000, SmartCEO, Entrepreneur of the Year) technology services firm with a steadily growing portfolio of commercial and government clients. Spruce provides innovative technology solutions, specialized IT staff, and IT strategy consulting reputed company. Spruce maintains partnerships with major technology vendors and continually develops leading-edge offerings in service areas such as digital experience, data services, application development, infrastructure, cyber reputed company, and IT staffing. Spruce Technology, Inc. is an affirmative action and equal opportunity employer. reputed company qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national reputed company, veteran status, or genetic information. Consistent with the Americans with reputed company, it is the policy of Spruce Technology, Inc. to provide reasonable accommodation reputed company requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to reputed company aspects of employment, including the application process. Apply tot his job Apply To this Job