General Dynamics Information Technology Tenable Nessus Engineer in Raleigh, North Carolina
General Dynamics Information Technology (GDIT) has an opportunity for a Tenable Engineer to join the security team of a major nationwide organization, with thousands of sites, to continually improve its complex multi-protocol nationwide network. The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations.
Responsible for implementation/deployment of Nessus scan engines and Tenable Security Center Continuous View systems and peripherals
Maintainslocal and network credentials for Tenable Security Center and provisions access to vulnerability scanningsystems. Responsiblefor integration of Nessus/TSC with other security and IT systems management tools (i.e.ForeScout,RedSeal, Splunk)
Responsiblefor developing and maintaining standard processes and operating procedures, creating technical architecture diagrams and system builddocumentation
Responsibleforsupporting andmaintaining penetration testing toolset; including “fly-away kit” (i.e. laptops, VMs, wireless devices) used for internal/external penetrationtesting
Workswith vulnerability management team to build asset repositories and asset scanpolicies
Worksindependently and with vendors’ professional services to diagnose and troubleshoot any issues with vulnerability assessmenttools.
We can only accept US citizens and or Green Card Holders.
- Bachelors Degree in Computer Science, Engineering, or a related technical discipline is required
- 5+ years of directly related experience in cyber security engineering
StrongSplunk experience in creating effective dashboards, hunting cyber threats using event correlation, and acting on machine intelligence to remediate vulnerabilities and risk to the enterprise
Netflowanalytics for compliance and threat hunting
Work with suppliers of data (e.g.,WonMug, Cisco ISE,StealthWatch) to maximize efficiency and accuracy of data feeds into Splunk. Advise suppliers of potential features in their tools that could be activated to improve security (e.g.,TrustSecand Security Group Tagging in ISE)
Ability to map application components to identify security problems and provide solutions
Analyze data imports into Splunk for accuracy and completeness; compare data from the various network security tools to identify overlaps and search for gaps.
Conduct initial triage assessments of findings from network security tools
Engages with other internal and external forces to get and share information to improve processes and security posture
Troubleshoots application connectivity and performance through log analysis and network captures, etc.
Must be able to obtain a Public Trust clearance (requires the selected candidate to have resided in the US for the past five years and not have left the country for longer than 90 consecutive days)
Experience with Splunk, BMC Atrium, ServiceNow, and enterprise network infrastructures
Experience withTenable Nessus,ForeScoutCounterACT, Cisco ISE,MobileIron, and Tanium
Project planning experience
Excellent writing skills
Microsoft office suite of applications
Desired Certifications:CISSP, Certified Ethical Hacker (C|EH), SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, CCNA,CCNP
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
Number of Positions1
Job FunctionInformation Technology
Security Clearance LevelNone
Full/Part TimeFull Time