Vulnerability Management & Assessments Consultant

Title:  Vulnerability Management & Assessments Consultant
USC/GC only

On site
Location: Austin TX on site

REQUIREMENT
Should bring expertise in the following Vulnerability Management and Assessments:
 
Vulnerability management on a continuous basis to identify, assess, and addresses security weaknesses in systems and software to reduce the risk of cyberattacks and data breaches.

3.5.1.1 Shall include unique and proprietary research into analyzing, identifying, and fixing known errors in ICS CERT vulnerability database.

3.5.1.2 Shall provide extensive CVE coverage, including analyze and enrich CVE data from vendors, public PSIRT programs, government advisories, independent researchers, CVE
disclosures.

3.5.1.3 Shall be able to identify assets and match to vulnerabilities in a passive manner to minimize potential disruption to OT systems environments.

3.5.1.4 Provide the ability to perform vulnerability management and be able to prioritize vulnerabilities based on their severity score and risk level.

3.5.1.5 Identify known security vulnerabilities for ICS/OT assets.

3.5.1.6 Severity risk scoring of vulnerabilities.

3.5.1.7 Vulnerability management capability (New, Open, Closed, Risk Accepted, Reopened).

3.5.1.8 Provide the ability to prioritize vulnerabilities based on risk and operational impact.

3.5.1.9 OT impact analysis & corrected CVSS scores appropriate.

3.5.1.10 Curated guidance from vuln researchers that include compensating controls appropriate for OT systems that can't be immediately patched.

3.5.1.11 Shall be able to score vulnerabilities by criticality.

3.5.1.12 Present the information in an easy-to-read format to derive value and speed response by the analyst quickly.

3.5.1.13 Shall be able to provide vulnerabilities for the imported assets and not only discovered assets by the solution