L3Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.

L3Harris Technologies is the Trusted Disruptor in the defense industry. With customers’ mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security.

Job Title: Specialist, Vulnerability Management

Job Code: 22083

Job Location: Palm Bay, FL

Job Schedule: 9/80 REG

Job Description:

Executes security scanning and remediation operations under the guidance of the Vulnerability Management Lead on assigned government-authorized systems.  Will be responsible for performing compulsory scans of assigned information systems, including vulnerability, network detection and mapping, and controlled interfaces.  The candidate must be knowledgeable on a variety of vulnerability assessment tools, including Rapid 7 Nexpose, NMAP, and Nipper, or similar security tools.  Additionally, the candidate must be able to create and interpret scan reports and recommend prioritized remediation plans.  Ability to script and develop parsing tools preferred, such as BASH, Python and/or PowerShell scripts, etc.  Other responsibilities include may include: authoring and maintaining documentation supporting the Assessment & Authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF) under the ICD503, JSIG and NISPOM; performing security control assessments as part of the system’s Continuous Monitoring Plan; overseeing configuration management of assigned systems; working with various stakeholders within the organization to develop device and system hardening guides following DISA and NIST guidelines; auditing systems to ensure security posture integrity; conduct periodic hardware/software inventory assessments; identifying system security controls shortcomings and developing POA&Ms; remediating control deficiencies; conducting, documenting and reporting annual self-assessments; maintaining operational information security posture for a system, program, or enclave; assist with investigating security incidents such as data spills, data integrity infractions, and malicious events; authoring and delivering security education and training to a range of audiences, as needed.

Essential Functions:

•    Configure scan engines for vulnerability, network detection and mapping, and controlled interface scans
•    Execute scans, generate reports, interpret results, and recommend remediation plans
•    Provide any requested Assessment & Authorization (A&A) documentation of assigned systems as applicable
•    Execute Continuous Monitoring Plans
•    Interface with system managers and Information Technology (IT) personnel to track and resolve identified vulnerabilities
•    Create, maintain, and update documentation
•    Develop new concepts or standards which make significant and impactful improvements to processes, systems, solutions, or products

Qualifications: 

•    Bachelor’s Degree and minimum 4 years of prior relevant experience. Graduate Degree and a minimum of 2 years of prior related experience. In lieu of a degree, minimum of 8 years of prior related experience.
•    Active Top Secret security clearance with SCI. Current counterintelligence (CI) polygraph investigation or willingness to submit to a CI polygraph. Willingness to submit to a Full Scope Polygraph.
•    Security+ CE or equivalent certification within 6 months of hire.

Preferred Additional Skills:

•    Minimum 4 years of prior relevant experience to include experience with networking equipment; experience running vulnerability scans, administration of virtual machines, and interpreting results (e.g. Nessus, Assured Compliance Assessment Solution [ACAS], Rapid7 Nexpose, NMAP, etc.)
•    Experience as an ISSO managing cybersecurity on classified systems under multiple agencies’ JSIG, NISPOM Ch8, ICD 503, and/or NIST 800-53 implementations.
•    Experience with project management tools such as Jira and Confluence.
•    Experience developing, managing, and providing evidence to close POA&Ms associated with the A&A and project management processes.
•    Experience with diverse workstation and server operating systems, including, but not limited to, Microsoft and Linux.
•    Flexibility to adjust to changing requirements, schedules, and priorities.
•    Able to socialize ideas, make recommendations, and gain team consensus.
•    Excellent time management and task prioritization skills.
•    Certified Information System Security Professional (ISC2 CISSP) or equivalent certification.
•    Exceptional verbal, written, interpersonal and presentation skills, customer relationship building skills, analytical skills 
•    Ability work in a team environment.
•    Ability to script and develop parsing tools, such as BASH script, Python, PowerShell script, etc.

#LI-FS1

L3Harris Technologies is proud to be an Equal Opportunity Employer. L3Harris is committed to treating all employees and applicants for employment with respect and dignity and maintaining a workplace that is free from unlawful discrimination. All applicants will be considered for employment without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender (including pregnancy, childbirth, breastfeeding or other related medical conditions), gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, characteristic or membership in any other group protected by federal, state or local laws. L3Harris maintains a drug-free workplace and performs pre-employment substance abuse testing and background checks, where permitted by law.

Please be aware many of our positions require the ability to obtain a security clearance. Security clearances may only be granted to U.S. citizens. In addition, applicants who accept a conditional offer of employment may be subject to government security investigation(s) and must meet eligibility requirements for access to classified information.

By submitting your resume for this position, you understand and agree that L3Harris Technologies may share your resume, as well as any other related personal information or documentation you provide, with its subsidiaries and affiliated companies for the purpose of considering you for other available positions.

L3Harris Technologies is an E-Verify Employer. Please click here for the E-Verify Poster in English or Spanish. For information regarding your Right To Work, please click here for English or Spanish.