Vulnerability Assessment Analyst (Database) - Mid
Company:Harmonia Holdings Group, LLC
Location:United States
Languages:English
Seniority level:Middle
Skills:
PostgreSQLSQLCloud ComputingCybersecurityMicrosoft SQL ServerOracleLinuxTroubleshooting
Requirements:
Bachelor's degree in Cybersecurity, Information Technology, or related field. Experience with primarily Microsoft SQLServer and Oracle databases and must be proficient with AWS RDS, Azure SQL, and Postgre SQL. Proven experience in vulnerability scanning and security testing. In-depth knowledge of scanning tools (Tenable Security Center, Nessus Scanner, NMAP). Strong analytical and problem-solving skills. Excellent communication and documentation abilities. Support Windows, Unix, and Linux operating systems. VMWare AppDetectivePro DBProtect Nessus/Tenable Scanning NMAP Database DISA STIG interpretation and expertise
Responsibilities:
Perform vulnerability scanning against databases for known vulnerabilities, security misconfigurations, and compliance-related requirements. Coordinate CSOC-managed network scans with field points of contact. Review and verify hosts/IPs to be scanned. Review and select appropriate scan policy(s). Coordinate with network and team personnel. Monitor/coordinate/react as required throughout the duration of the scan. Troubleshoot any issues that occur during the scan. Verify accuracy of data and conduct system checks as required upon completion of the scan. Develop new testing programs. Verify, update, create report templates. Produce Database Post Scan Findings Reports. Conduct quality assurance checks of final reports. Distribute reports. Knowledge of common ports and port scanning. Support Windows, Unix, and Linux operating systems. Support coordinating and troubleshooting computer/network connection issues. Support database types to include but not limited to Microsoft SQL Server, Oracle, MySQL, PostgreSQL, MongoDB, AzureSQL, AWS RDS, Other Cloud PaaS Databases. Produce Database Scan Result Metrics to include program wide statistics and operational metrics collected over time. Manage and maintain backend system software. Administer existing and future infrastructure including system maintenance and management. Manage and maintain Government owned virtual machines (VM), operating systems, and applications.
