Senior Security Consultant (Continuous Monitoring)

Ready for Whatis Next? Kratos Defense & Security Solutions develops and fields transformative, affordable technology, platforms, and systems for United States National Security related customers, allies, and commercial enterprises. iWe proactively build trusted relationships with our peers, partners and customers, and take ownership for our actionsialways striving to do the right thing. Come join a dynamic and engaging work environment as a Senior Security Consultant supporting our Continuous Monitoring capabilities and team within the Kratos Cybersecurity Services business unit. Collaborate with cybersecurity experts and high profile customers to provide vulnerability scan analysis & validation, Plan of Actions & Milestones (POA&M) review, Risk Exposure Table (RET) analysis, and support in creation / validation of vulnerability deviation requests.

In this role, you will be conducting detailed analysis on operating system, web application, database, and container vulnerability scans. Analysis will be based on validating accuracy of scanning scope based on documented inventories, scan authentication, and determination of the latest vulnerability tool signatures. Reporting will capture gaps in the analysis, and fully compiled vulnerabilities to present the customers complete risk posture.i

The ideal candidate is highly organized, detail oriented, and able to trouble shoot data anomalies. Success in this growth position will allow for opportunities to assist in furthing the services and capabilities of the Kratos Advanced Cyber Services Team including automation creation and support for a variety of vulnerability scanners, security tools, and administrative tasks.

• Expert knowledge MS Excel
• Experience with PowerShell, GO, and/or Python
• Validate Vulnerability Scan Quality (Authentication, Signature Updates, Configuration, etc.)
• Experience with various vulnerability scanners such as Tenable, Qualys, Burp Suite, etc.
• Experience with configuration / compliance checks such as CIS Benchmarks and STIGs




• Ability to identify & verify authenticated & non-authenticated scans and agent-based scans.
• Ability to validate that vulnerability tool signatures are updated to the latest version and maintain a consistent update schedule.
• Ability to validate the scope of the audit checks enabled by the scanner are properly executing on the applicable assets




• Strong Communication with the customer & fellow team members.




• Actively communicate issues or concerns to the customer & team
• Actively listens and participates in meetings




• Review & Verify Data Structures / Report Outputs from Vulnerability Scanners




• Ability to understand and verify data structures such as XML, JSON, YAML, etc.
• Ability to identify required data fields for reports and utilize them accordingly
• Ability to correlate potentially complex data structures and consolidate the data into a single format for analysis




• Strong Writing & Editing skills to assist in writing, developing, and editing ConMon processes & documentation.




• Ability to write, edit, review, and assemble documents utilizing Microsoft Office & Markdown formatting syntax
• Ability to effectively write and clearly convey information
• Familiarity with code layout and able to extract comments to document functionality




• Ability to effectively accomplish complex tasks with minor guidance from team leadership.




• Ability to sequence and execute work efficiently with set timelines.
• Seek understanding and clarification of objectives within set tasks




• Familiarity with Vulnerability Scans




• Ability to validate scans against an inventory & ensure all hosts within a boundary are scanned. (Host Inventory Management)
• Familiarity and ability to differentiate different asset types such as containers, operating systems, databases, web scans, etc.
• Familarity and ability to differentiate different types of audit checks such as CIS Benchmark / SITG checks and vulnerability checks.




• Ability to demonstrate flexibility and resilience in response to changing or ambiguous work situtaitons while maintaining a positive attitude and making them learning opportunities.
• Enthusiasm for conducting research on a variety of technical & non-technical topics.




• Research may be for personal improvement or to assist team members in dissecting problems.




• Familiarity with documentation styles that identify tasks that need to be accomplished & their required resources. Examples include:




• Plan of Action and Milestones (POA&M)
• Deviation Requests
• Project Plans
• Communication Plans

Desired Skills and Experience

• Experience using Linux and SQL
• FedRAMP experience
• Cyber Security certifications (e.g.,Sec+, CISSP, etc.)

#LI-Remote

Competitive salary based on experience and education
Salary Range: $110,000-$142,000

Kratos is valued for our ability to design and deliver leading edge, resilient solutions for aerospace communication, control, awareness and mission success across a continuum of offeringsifrom commercial to tailored custom solutions and integrated programs. Customers trust us to stay relevant and know we are in it for the long-haul. We bring both the capability and confidence that our customers value and depend on. And, we always deliver.