SKILLS, KNOWLEDGE, EXPERIENCE REQUIRED:

• Minimum 2 years of experience with vulnerability scanning tools (e.g. Tenable/Nessus, Qualys, OpenVAS);
• Strong understanding of security accreditation and certification processes (e.g. NIST RMF, ISO 27001, DoD RMF);
• At least one of the following industry level certifications or equivalents: CISSP, CISM, CRISC, CAP.

• Developing, updating, and maintaining comprehensive Security Accreditation documentation in support of PLT012 services, ensuring compliance with applicable security standards, policies, and accreditation frameworks;
• Conducting technical testing activities in support of Security Risk Assessments and Security Testing and Verification processes, ensuring identification of vulnerabilities, validation of security controls, and alignment with organizational security requirements;
• Monitoring, tracking, and coordinating the mitigation of vulnerabilities identified during the most recent technical security audit of deployable CIS assets, as well as those reported in weekly Online Vulnerability Assessment Reports and Detailed Cyber Security Hygiene Indicator Reports, ensuring timely remediation and continuous improvement of the system’s security posture.