Oneida Technical Solutions, LLC (OTS) has a rich history of providing IT support and associated services in highly complex, highly regulated, highly secure environments, including the U.S. Department of Defense (DoD), law enforcement, health care, retail, and the casino gaming industry. We have an exciting opportunity to support the Air Force Enterprise IT as a Service (EITaaS) Wave 1, specifically advancing the solution for bringing the EITaaS IT Service Management offerings to SIPR.\n
We are currently seeking a Nessus Engineer for an onsite position in Chantilly, VA.\n
This position supports our cybersecurity initiatives by conducting vulnerability assessments and ensuring the overall security of our networks and systems. This position is critical in maintaining and improving the integrity and safety of our infrastructure using the Nessus vulnerability scanning tool. The ideal candidate will have hands-on experience with Nessus or similar vulnerability management tools, a solid understanding of security best practices, and a passion for mitigating risks in complex IT environments.\n\nMinimum of 10+ years' experience in vulnerability management, cybersecurity, or IT security.\nHands-on experience with Nessus (or similar tools such as OpenVAS, Qualys) for vulnerability scanning and management.\nExperience with network protocols (TCP\/IP, HTTP, DNS, etc.), operating systems (Windows, Linux, macOS), and security best practices.\nInstalling and Configuring Nessus, Nessus Manager, Nessus Agents, Log Correlation Engine, Nessus Network Monitor, and Security Center on both Linux\/Unix and Windows based environments \nResponsible for installing and configuring Nessus Agents \nResponsible for adding scan policies, audit policies, and credentials to Security Center, and Nessus Manager. \nResponsible for configuring Nessus Manager scan pulls to Security Center \nTenable-Nessus Security Analyst \nResponsible for defining scan policies and audit policies \nResponsible for adding scan credentials \nResponsible for Scheduling scans \nResponsible for Generating Scan Reports \nResponsible for importing\/uploading scan reports for Vulnerability \nResponsible for the Analysis and validation of the scan results. \nStrong background in vulnerability assessment, risk management, and remediation.\nAdvanced knowledge of Nessus Professional or Tenable.io.\nFamiliarity with vulnerability management best practices, including risk scoring (CVSS, CVE, etc.)\nKnowledge of web application security, network security, and common vulnerability classes (e.g., SQL injection, cross-site scripting, buffer overflows).\nFamiliarity with scripting (e.g., Python, Bash) for automation and custom scan configurations is a plus.\nExperience with SIEM tools and incident response is a bonus.\nKnowledge of regulatory compliance standards such as PCI DSS, HIPAA, NIST, ISO 27001, and SOC 2.\nExcellent analytical and problem-solving skills with a strong attention to detail.\nAbility to translate technical findings into understandable and actionable reports for non-technical stakeholders.\n\n\nDoD 8140 compliance, CompTIA Security + or higher \nMust have Active Secret Clearance \n\n
Certifications:\n\nTenable Certified Nessus Expert (TCNE) or equivalent certifications.\nCISSP, CISM, or other security certifications are a plus.\n\n
Oneida Technical Solutions, LLC is an equal opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, gender identity, genetic information or any other protected characteristic under applicable law.\n
#CJ