System Analyst III - Vulnerability Remediation

Position Overview
In support of the OSC Technical Solutions IT Infrastructure organization for the Hanford Site, this position will be part of the Vulnerability Remediation team responsible for supporting the technical infrastructure that includes hardware, software, and cloud service provider component for systems across the Hanford Local Area Network (HLAN). This role will serve as a pivotal resource, driving implementation, and design services for other areas of the organization and its customers.

Major Activities (Typical Duties/Responsibilities)

• Perform regular vulnerability scanning across servers, endpoints, network devices, and cloud environments using approved tools (e.g., Tenable, Nessus).
• Analyze scan results to validate findings, identify false positives, and prioritize vulnerabilities based on risk severity, exploitability, and asset criticality.
• Coordinate with system owners and administrators to support timely remediation or mitigation of vulnerabilities
• Remediates and patches vulnerabilities across the Hanford site.
• Working from vulnerability reports targeting specific vulnerabilities based on severity level.
• Create schedules to work with the End User\Customer to gain remote access to workstations for remediation of identified vulnerabilities.
• Provide daily vulnerability status
• Review reports on CISA released CVE’s and other vulnerabilities for vulnerability remediation efforts.
• Evaluate new solutions through research and collaboration and determine course of action for new technical initiatives.
• Responsible for incident escalation and coordination of resources to resolve issues in a timely manner to meet Service Level Agreement metrics.
• Maintain security and integrity controls.
• Prepare written technical documentation, training material, standards, and reports.
• Perform other duties as appropriate and assigned.

Knowledge/Skills/Abilities

• Demonstrated ability to manage multiple tasks simultaneously and effectively prioritize and execute tasks in a fast-paced environment.
• Possess the ability to resolve complex issues using third party diagnostic and monitoring tools, logs, graphs, and performance data to maintain the health and availability of the environment
• Familiarization with Department of Homeland Security Binding Operational Directives 22-01 (DHS BOD 22-10)
• Familiar with the Cybersecurity & Infrastructure Security Agency (CISA) and their mission.
• Familiar with Common Vulnerabilities and Exposures (CVE) and how they are determined and tracked.
• Must be able to communicate technical information and product plans to all levels of staff and management
• Good interpersonal skills: ability to work effectively and cooperatively with all levels of management and staff, affiliated-company employees as well as outside business associates; exhibits a professional manner in dealing with others.
• Superior organizational, follow-up, and detail-oriented skills.
• Strong ability to analyze documents and categorize appropriately.
• Ability to maintain accurate records.
• Work independently, as well as on a team and with minimal supervision.
• Make decisions, solve problems, and exercise excellent judgment.
• Work well under pressure and independently prioritize workload, while working on multiple projects.
• Ability to research, organize and analyze technical information with particular attention to accuracy and detail.
• Excellent written and verbal communication skills; including thorough knowledge of proper grammar, advanced vocabulary, spelling, editing and proofreading skills.
• Proficient using Microsoft Office products, such as Word, Excel and PowerPoint, and industry-standard computer software and databases.
• High degree of sensitivity regarding confidential information.
  
• Investigate and analyze problems to identify root causes and ensure timely resolution, escalating as necessary depending on criticality.
• Knowledgeable of Security Information and Event Management (SIEM), such as Splunk Enterprise Security, or similar applications.
• Knowledge of Cyber Security scanning applications and their capabilities.

Physical Abilities

• Sufficient fine motor skills for the use of computers, calculators with an ability to withstand repetitive keyboarding for extended periods of time.
• Visual and communications ability adequate to perform the essential functions of the job.
• Ability to kneel, bend and twist at the waist on an occasional basis.
• Ability to reach below shoulder height with regular frequency (desk position) and at or above shoulder height on occasion.
• Ability to push, pull, carry and lift objects weighing up to 10 pounds on a regular basis, and greater weights on an occasional basis.
• Ability to travel by vehicle or aircraft, and ability to safely operate a motor vehicle.

Minimum Qualifications

• BA/BS degree in Computer Science with a minimum of five years’ related experience in performing patch\remediation management in an enterprise environment or an equivalent combination of education and experience.
• Ability to pass a background and drug screening.
• Must have identification compliant with the Real ID Act at time of hire.
• Must be able to obtain Department of Energy access badge.
  
• Ability to obtain a U.S. government security clearance (which requires U.S. Citizenship).

Preferred Qualifications

• CompTIA Security+ Certification
• EC-Council Certified Ethical Hacker
• Certified Information System Auditor (CISA)
• Knowledge of Active Directory, ADFS, Group Policy Management

Benefits: OSC Technical Solutions offers excellent benefits for eligible employees. Benefits include paid holidays, paid time off, 401k with employer match, dental, vision, health insurance plans through the Federal Employee Health Benefits (FEHB) program, as well as life and disability benefits.

OSC Technical Solutions does not discriminate, and the company provides equal employment opportunity for all employees and applicants without regard to race, religion, color, sex, gender, sexual orientation, national origin, citizenship status, age, marital status, pregnancy or parenthood, handicap or disability, genetics, veteran status or any other legally protected characteristic. OSC Technical Solutions adheres to all federal, state and local laws regarding equal employment opportunity and will not discriminate against you in violation of these laws. OSC Technical Solutions reserves the right to apply CIRI Shareholder preference to qualified Shareholders in employment and advancement opportunities.

OSC Technical Solutions participates in E-Verify. We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's Form I-9 to confirm work authorization.

Reasonable Accommodation:

OSC Technical Solutions will provide reasonable accommodations, according to applicable state and federal laws, to all qualified individuals with physical or mental disabilities. In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with OSC Global, LLC or any of its subsidiaries, please email recruiting@ciri.com.

Important Employment Notice: Federal Contract & RCW 49.44.240:

Due to our status as a federal contractor operating within the State of Washington, all applicants and employees must adhere to federal law, which classifies cannabis as a Schedule I controlled substance.

While Washington State’s RCW 49.44.240 (which generally prohibits employers from discriminating against an applicant based on their lawful use of cannabis off-site and during working hours) is state law, it does not supersede federal requirements.

Zero-Tolerance Policy and Disqualification

Prohibition: The use, possession, or distribution of cannabis is strictly prohibited for all employees, regardless of state law.
Testing: Applicants will be subject to pre-employment drug screening that includes testing for cannabis.
Disqualification: A positive test result for cannabis will result in immediate disqualification from consideration for employment, as mandated by our federal contract obligations.

All applicants must be able to comply with all federal regulations, including those concerning controlled substances, as a condition of employment.