Vulnerability Analyst

T-Rex Solutions is looking to select a Vulnerability Analyst to support the US Department of the Treasury TCloud enterprise cloud development effort. We are seeking an individual with extensive experience in vulnerability remediation at the operating system (OS) level across various cloud environments, including AWS, Azure, OCI, and GCP. The ideal candidate will be responsible for ensuring the security and integrity of our cloud infrastructure by identifying, assessing, and mitigating vulnerabilities. This role requires a deep understanding of cloud services, operating system vulnerabilities, and best practices for securing cloud environments that are hosting a variety for MS Windows, and Linux (Red hat, Ubuntu, Amazon) operating systems.

Responsibilities:

• Identify and remediate vulnerabilities in cloud infrastructure, with a specific focus on OS-level threats across multiple cloud platforms, including compliance with STIG and CIS benchmarks.
• Collaborate with the cybersecurity team to conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses.
• Contribute to the development and maintenance of security policies, standards, and procedures for cloud infrastructure, working closely with the cybersecurity team.
• Work with development and operations teams to ensure secure deployment of applications, emphasizing secure configurations and OS-level hardening.
• Monitor security alerts and logs to detect and respond to potential security incidents across cloud environments.
• Stay up-to-date with the latest security threats, vulnerabilities, and technology trends relevant to cloud infrastructure and operating systems.
• Provide guidance and mentorship to junior engineers and team members** on best practices for security and vulnerability management in cloud environments.

Requirements:

• Must be a US Citizen with the ability to obtain a Public Trust clearance
• Bachelor’s degree in Computer Science, Information Technology, or related field and at least 4 years' experience
• Experience in cloud engineering, with a focus on security and vulnerability management across AWS, Azure, OCI, and GCP.
• Proven experience in identifying and remediating OS-level vulnerabilities in both Linux and Windows environments with a strong understanding of STIG and CIS compliance requirements.
• Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001.
• Proficiency in using security tools such as Nessus Tenable, ORCA Security, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools.
• Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets.
• Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks.
• Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.
• Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders.

Desired:

• Professional certifications such as AWS Certified Security - Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, or equivalent.
• Active Treasury clearance preferred
• Experience with Infrastructure as Code (IaC) tools such as Terraform or CloudFormation.
• Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
• Knowledge of container security and orchestration tools such as Docker and Kubernetes.

T-Rex Overview

Established in 1999, T-Rex Solutions, LLC is a proven mid-tier business providing data-centric mission services to the Federal government as it increasingly tries to secure and leverage the power of data. We design, integrate, secure, and deploy advanced technical solutions for our customers so they can efficiently fulfill their critical objectives. T-Rex offers both IT and professional services to numerous Federal agencies and is a leader in providing high quality and innovative solutions in the areas of Cloud and Infrastructure Services, Cyber Security, and Big Data Engineering.

T-Rex is constantly seeking qualified people to join our growing team. We have built a broad client base through our devotion to delivering quality products and customer service, and to do that we need quality individuals. But more than that, we at T-Rex are committed to creating a culture that supports the development of every employee's personal and professional lives. T-Rex has made a commitment to maintain the status of an industry leader in compensation packages and benefits which includes competitive salaries, performance bonuses, training and educational reimbursement, Transamerica 401(k) and Cigna healthcare benefits.

T-Rex is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors.

In compliance with pay transparency guidelines, the annual base salary range for this position is $100,000 - $120,000. Please note that the salary information is a general guideline only. T-Rex considers factors such as (but not limited to) scope and responsibilities of the position, candidate’s work experience, education/training, key skills, internal peer equity, as well as market and business considerations when extending an offer.

T-Rex offers a diverse and collaborative work environment, exciting opportunities for professional growth, and generous benefits, including: PTO available to use immediately upon joining (prorated based on start date), paid parental leave, individual and family health, vision, and dental benefits, annual budget for training, professional development and tuition reimbursement, and a 401(k) plan with company match fully vested after 60 days of employment among other benefits.