Web Vulnerability Analyst with Security Clearance

Web Vulnerability Analyst (Senior) Job Location: DISA Ogden, Hill AFB, UTClearance: Secret Date Posted: 6/16/22 Athena Technology Group, Inc. is a Service-Disabled Veteran-Owned /Small Business (SDVOSB) focused on Information Technology and Communications consulting, system engineering, integration, deployment, and operations of stat of the art command and control and information systems that deliver critical network-centric solutions to the warfighter. With a proven track record of technical support to our customers, we are looking for innovative industry professionals to join our team. JOB DESCRIPTION: Web Vulnerability Analyst (Senior). Cyber Vulnerability Management support for DISA Cyber Services Line of Services (LOB) by providing compliance monitoring/reporting, response and mitigation, Cyber Automation and Management services, compliance validation, configuration, change and account management, A&A, RMF, Federal Information Security Management Act compliance, Cyber Risk Management, Cyber Standardization and Mission Partner Engagement and Implementation for DISA Cyber Security support systems. Provide cybersecurity support for DISA and DISA''s Mission Partners. These cyber-security services include Access control. A&A, Audits, application administration, support for commercial off the shelf and Government off the shelf tools, Cyber security documentation, DISA Orders Management, metrics, incident response, network defense, Public Key Infrastructure support, risk management, training management, security posture validation, and vulnerability analysis. RESPONSIBILITIES: * Web Specialist Support:* Serve as a web technical specialist for assets connected to isolated environments, NIPRNet, SIPR-Net, and JWICS to support cybersecurity and IT services* Review, identify, and report problems with the installation and operations of web instances to include system options, software used and not used, default security controls that are enabled, disabled, or bypassed, and system-wide options or parameters that may create security vulnerabilities* Determine the impact and risk of submitted change requests prior to implementation and participate in CAB meetings to provide cyber oversight for web changes that affect the level of risk* Recommend security countermeasures to mitigate identified web risks* Web Vulnerability Analysis: * Identify, monitor, analyze, report, and brief status of Ecosystem vulnerabilities* Ensure high risk and high severity vulnerabilities are managed with increased visibility and escalated* Analyze, validate, monitor, and report compliance status of DoD and DISA directives and orders* Create, maintain, and provide automated and customized vulnerability reports* Analyze mission requirements and organizational feedback to improve vulnerability reports and processes* Provide recommendations for web vulnerability analysis, guidance, deficiency resolution, and implementation suggestions to DISA customers and Mission Partners* Web Compliance Validation and Support:* Assess, audit, review, analyze, validate, and report web SRG and STIG vulnerabilities, and ensure security controls are implemented within web instances IAW DoD, DISA, and cybersecurity policies and procedures* Evaluate discrepancies as they relate to policy, orders and web SRG and/or STIGs, and document recommended additions, deletions, or changes* Identify and report the need to add technical guidance for modification of policies and orders* Review and validate the installation and configuration of cyber tools on assets, and report deficiencies* Review web SRG and/or STIGs as updates are released and report changes with the potential to have a significant impact* Conduct audits and provide documentation REQUIRED EXPERIENCE:* Must have Web vulnerability experience * Requires current 8570/8140 certification * Five + years of relevant/recent experience with Five + years of relevant/recent experience with Oracle Application Server, Oracle e- Business Suite, WebLogic, JBOSS, Java, IIS, Apache, SAP, or Tomcat, and cyber-security * Three + years of relevant/recent experience with Microsoft Office products DESIRED EXPERIENCE: * Experienced and knowledgeable in the field of cyber security compliance and support activities* Knowledge of National Institute of Standards and Technology (NIST) and Committee on National Security Systems Instruction, including NIST SP 800-60, NIST SP 800-53, NIST SP 800-37, and CNSSI 1253 EDUCATION/EXPERIENCE:* BA/BS or equivalent work experience SECURITY CLEARANCE: * Active Secret Work Schedule: Primary coverage for the performance of duties shall be from 7:00 am Eastern Standard Time (EST) and ending at 6:00 pm EST Monday through Friday. Core hours are typically 0900-1500; however, each site will determine actual core hours. Work Location: DISA Ogden, Hill AFB, UT Government Furnished Equipment (laptop, laptop case, card readers, etc.) provided as required. Travel: In and Around Travel / CONUS and OCONUS may be required ATG is a growing company, and there will be opportunities for internal advancement. ATG is an Equal Opportunity Employer.

Created: 2025-11-15