Jacobs Mid Vulnerability Management Engineer in Herndon, Virginia
Critical Mission Solutions
Your mission is our mission.
We're invested in you and your success. Everything we do - whether Aerospace, Defense, Intelligence, Information Technology, Cybersecurity, Nuclear, Automotive, or Telecommunications - is more than just a project. It's our challenge as human beings, too. That's why we bring a thoughtful and collaborative approach to every one of our partnerships.
It's our promise to challenge the status quo as we redefine how to solve the world's greatest challenges, and transform big ideas into intelligent solutions for a more connected, sustainable world.
Design your career with a company that inspires and empowers you to deliver your best work so you can evolve, grow and succeed – today and into tomorrow.
Jacobs is seeking a Mid Vulnerability Management Engineer to work remotely and onsite in Herndon, VA.
Candidate will need to travel to Client sites for team and client meetings as needed.
Duties/Tasks and Responsibilities:
• Will be responsible for conducting vulnerability scans at the network,
operating system, database, and application levels on financial systems
within this organization's enterprise.
• Will perform vulnerability scanning and analysis to eliminate false
positives and to aggregate findings by specific best practice criteria.
• Provide recommendations for remediation and collect evidence to verify
the vulnerability no longer exists.
• Validate the vulnerabilities identified against the National Institute of
Science and Technology (NIST) Framework, National Vulnerability
Database (NVD) and Security Best Practice standards such as CIS
Benchmarks, DISA STIGs and vendor hardening standards.
• Perform full scope Risk Management processes for a federal client, to
include Certification and Accreditation (C&A), FISMA Self Assessments,
Technical Assessments (Vulnerability analysis, penetration testing), and
• Use vulnerability and security testing tools and review the results from tools
such as Nessus, HP WebInspect, QualysGuard, AppDetective, and Burp
Here’s What You’ll Need:
The candidate will have demonstrated 3-5 years of technical experience with the following techniques:
• Vulnerability Scanning and Analysis
• Unix/Linux (Solaris/Red Hat) and MS Windows Operating Systems
• Network Switching/Routing and TCP/IP
• Databases (e.g., MS SQL, Oracle, DB2)
• Web application vulnerability scanners (e.g., Qualys WAS, WebInspect,
• Database vulnerability scanners (e.g., AppDetective, DbProtect)
• General purpose vulnerability scanners (e.g., QualysGuard, Nessus)
• Security configuration checklists (e.g., DISA STIGs, CIS Benchmarks)
• NIST Special Publications (e.g., 800-53, 800-37)
• 3-5 years of experience in information security with specific vulnerability
• Bachelor’s degree in an IT related field or equivalent education or work
• Certifications like CEH, CCNA, CCNP, GSEC and others are preferred.
• 2+ years’ experience and understanding of NIST 800-53, NIST 800-53A,
NIST 800-30 and NIST 800-37.
• 2+ years’ prior experience performing security control assessments of all
NIST 800-53 controls.
• Experience configuring and using technical assessment tools such as
Nessus, HP WebInspect, AppDetective, BurpSuite, Wireshark,
QualysGuard and Redseal.
• 2+ years of Risk Management Framework (RMF) implementation
• Proficiency in understanding the technical architecture of IT systems built
using Windows, UNIX, Linux, IBM AIX, VMware, Citrix, Oracle and MySQL
• Strong documentation and communication (written and verbal) skills.
• Working knowledge of common network devices
• Working knowledge of Windows and Unix operating systems
• Working knowledge of common database platforms
• Self-motivated and able to work in an independent manner.
• Must be able to obtain “Public Trust” level clearance. (SF-85 and SF-86
Most work will be done at a desk or computer.
General Office environment. The work environment is fast-paced and sometimes involves extreme deadline pressures. The nature of the work requires a high degree of teamwork and cooperation with other members of the staff as well as individuals across the Company and Customers.
Equipment & Machines:
General office equipment including PC/laptop, Fax, Copiers, Shredder, Printers, Telephone, and other miscellaneous office equipment.
Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.
Other Essential Functions:
Must be able to communicate effectively both verbally and in writing.
Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. Must put forward a professional behavior that enhances productivity and promotes teamwork and cooperation.
Must be able to interface with individuals at all levels of the organization both verbally and in writing. Must be well-organized with the ability to coordinate and prioritize multiple tasks simultaneously. Must work well under pressure to meet deadline requirements. Must be willing to travel as needed. Must take and pass a drug test and background check as well as a motor vehicle records check. Must be a US citizen.
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law. Learn more about your rights under Federal EEO laws at https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf and supplemental language at https://www.eeoc.gov/sites/default/files/migratedfiles/employers/eeocgina_supplement.pdf
At Jacobs, we’re challenging today to reinvent tomorrow by solving the world’s most critical problems for thriving cities, resilient environments, mission-critical outcomes, operational advancement, scientific discovery and cutting-edge manufacturing, turning abstract ideas into realities that transform the world for good. With $13 billion in revenue and a talent force of more than 55,000, Jacobs provides a full spectrum of professional services including consulting, technical, scientific and project delivery for the government and private sector.