Title: Cyber Command Vulnerability Management Specialist
Location: Brooklyn, NY 11201
Duration: 24 Months
Research and analyze cybersecurity risks, CVEs, CVSS, vector strings, NVD, MITRE ATT&CK, attack vectors, and relevant mitigations across various technologies.
Design, architect, and maintain Rapid7 vulnerability management scanning infrastructure and related tools.
Manage and conduct vulnerability scans using Rapid7 across multiple networks.
Perform in-depth analysis and reporting using Rapid7 dashboards and tools to assess and prioritize risk.
Evaluate security vulnerabilities, assess associated risks and impacts, and develop and implement mitigation strategies.
Present technical briefings to team members and stakeholders on CVEs, risk assessments, hardware/software vulnerabilities, and industry trends.
Create automation scripts using Python, PowerShell, and other scripting languages to streamline vulnerability management processes.
Automate the detection, reporting, and tracking of vulnerabilities.
Generate comprehensive reports and presentations using Rapid7, custom scripts, Excel, and PowerPoint.
Travel within New York City for various project-related assignments as needed.
Candidates without the following qualifications will not be considered.
Minimum of 8 years in Cybersecurity, specifically in vulnerability management, assessments, attack surface management, and scripting.
In-depth knowledge of CVEs, CVSS, vector strings, NVD, MITRE ATT&CK, attack vectors, and associated mitigation techniques.
Extensive experience with Rapid7, including design, architecture, and execution of vulnerability scans, analysis of scan results, and dashboard reporting.
Demonstrated ability to evaluate vulnerabilities, assess risk/impact, and implement remediation.
Proven ability to conduct in-depth research on vulnerabilities and present findings in a concise technical manner.
Strong scripting experience in Python and PowerShell for automation tasks.
Advanced Excel skills, including VLOOKUP and Pivot Tables for data analysis.
Ability to deliver both written and oral reports on vulnerability risks to internal teams and external stakeholders.
Familiarity with current threat landscapes, including attacker tactics, techniques, and procedures (TTPs).
Experience engaging with other departments or agencies to promote cybersecurity programs, reduce risk, and manage vulnerability scanning tools.
Proficiency in Tableau or other BI tools for cybersecurity reporting.
Strong technical background in firewalls, IDS/IPS, DMZs, DNS, VPNs, proxies, and related technologies.
Cross-platform knowledge of security best practices across Windows, Linux, VMware, Cisco, and mobile operating systems (Android/iOS).
Understanding of cryptographic concepts including public-key infrastructure, encoding, encryption, and hashing.
Familiarity with NIST, CIS benchmarks, and vendor-specific best practices (Cisco, Juniper, Palo Alto, Fortinet, Check Point, F5, Microsoft, etc.).
Experience analyzing cybersecurity documentation such as security policies, plans, and procedures.
Hands-on experience managing both Windows and Linux server environments.
Excellent written and verbal communication skills.
Strong organizational and analytical capabilities.
Relevant certifications are highly desirable, such as CISSP, GSEC, GCIA, GCIH, CEH, CWAPT.