Vulnerability Assessment Team Lead

Gritter Francona is looking for a Vulnerability Assessment Team Lead to support a potential project with the Department of Homeland Security. The Lead will manage a comprehensive vulnerability management program for The Department of U.S. Customs and Border Protection (CBP). The Lead will direct a team of analysts responsible for conducting enterprise-wide vulnerability scanning, penetration testing, and specialized assessments (web, database, wireless). This is a critical leadership role that involves managing scan policies, analyzing results, and briefing CBP leadership on the most impactful vulnerabilities and remediation strategies.

Key Responsibilities:

• Lead the VA team in managing CBP's Enterprise Information System Vulnerability Management (ISVM) compliance validation.

• Oversee regularly scheduled and ad hoc vulnerability assessments, penetration tests, and specialized assessments for web applications, databases, and 802.11 Wireless networks.

• Brief CBP leadership on current and future vulnerabilities, security policies, and the results of penetration testing efforts.

• Manage and maintain a repository of VA application issues and report them to the Government VAT Team Lead.

• Direct the preparation of security testing Rules of Engagement (ROE) for government approval prior to conducting penetration testing.

• Provide leadership and support for internal and external audits (e.g., OIG, NCATS) and Bug Bounty assessments.

Requirements

• A minimum of 5 years of experience performing vulnerability assessments for an enterprise network.
• Experience analyzing vulnerabilities and providing assessments and remediation instructions.
• Knowledge of Application Security implementation, Firewall Management, and Advanced Threat Protection.
• Familiarity with Access Control, Authorization, Intrusion Prevention and Intrusion Detection.
• Familiarity with FISMA compliance and the Risk Management Framework.
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Short Term & Long Term Disability
• Training & Development