Senior Vulnerability Management Specialist
Job Title: Senior Vulnerability Management Specialist
Location: Remote
Role Description:
The Senior Vulnerability Management Specialist will support the planning, operation, modernization, and continuous improvement of the Vulnerability Management and Contingency Planning Programs. Responsibilities may include:
• Manage the vulnerability management program in line with DHS CDM, NIST SP 800-137, NIST SP 800-53 (RA-5, SA-11), BOD 18-01, and CISA Cyber Hygiene Services.
• Conduct vulnerability assessments across systems, cloud, containers, and IaC; track findings through remediation and closure.
• Develop and maintain POA&Ms in CSAM (or comparable GRC system), integrating findings with SIEM and ticketing platforms like ServiceNow.
• Assess CI/CD pipeline security and policy-as-code controls to catch vulnerabilities early in development.
• Apply NIST RMF and SP 800-53 controls to support risk assessment, FISMA compliance, and adherence to CISA BODs and OMB guidance.
• Support FISMA, OIG, GAO, and independent security audits with documentation and evidence.
• Author SOPs, playbooks, policies, and risk reports; maintain enterprise vulnerability management tools.
• Brief technical and executive stakeholders on risk findings, and coordinate remediation with cross-functional and government teams.
Required Qualifications & Education:
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, Engineering, or a related technical discipline.
• Minimum 6 to 10+ years of progressively responsible experience in Working knowledge of DHS CDM Program requirements, NIST SP 800-137 (Information Security Continuous Monitoring), NIST SP 800-53 controls (in particular RA-5 and SA-11), DHS BOD 18-01, and CISA Cyber Hygiene Services.
• Experience supporting POA&M development, remediation tracking, and closure within Cyber Security Assessment and Management (CSAM) or a comparable governance, risk, and compliance system.
• Experience with Cloud and cloud-native vulnerability scanning, including container image and Infrastructure-as-Code (IaC) assessment.
• Familiarity with CI/CD pipeline security controls and policy-as-code enforcement.
Experience integrating vulnerability data with SIEM and ticketing platforms such as ServiceNow.
• Familiarity with the client Technology Standards and Products Guide and client Lifecycle Management Methodology (LMM).
• Working knowledge of:
o NIST Risk Management Framework (RMF)
o NIST SP 800-53 Security Controls
o Federal Information Security Modernization Act (FISMA)
o CISA Binding Operational Directives (BODs)
o OMB cybersecurity guidance
• Experience conducting vulnerability assessments, security analysis, remediation tracking, and risk reporting.
• Experience supporting security audits, including FISMA, OIG, GAO, or independent assessments.
• Experience developing technical documentation such as Standard Operating Procedures (SOPs), implementation guides, playbooks, policies, and reports.
• Experience using enterprise vulnerability management and security assessment tools.
• Strong analytical, organizational, and problem-solving skills with the ability to manage multiple priorities.
• Excellent written and verbal communication skills with experience presenting technical information to technical and executive audiences.
• Experience collaborating with cross-functional teams, stakeholders, and government customers.
• Working knowledge of DHS CDM Program requirements, NIST SP 800-137 (Information Security Continuous Monitoring), NIST SP 800-53 controls (in particular RA-5 and SA-11), DHS BOD 18-01, and CISA Cyber Hygiene Services.
• Experience supporting POA&M development, remediation tracking, and closure within Cyber Security Assessment and Management (CSAM) or a comparable governance, risk, and compliance system.
Preferred Technical Experience
• Experience with one or more of the following technologies is highly desirable:
• Tenable Nessus
• OWASP
• Microsoft Power BI
• Microsoft Teams
• SharePoint
• Splunk
• Governance, Risk & Compliance (GRC) platforms
• Agile project management tools
Preferred Certifications
• Certified Information Security Manager (CISM)
• CompTIA Security+
• Other industry-recognized cybersecurity certifications relevant to vulnerability management, risk management, or information security.
Clearance and Location Requirements:
• Able to be cleared for a Public Trust clearance.
• This is a remote position.
Recommended Jobs
Caregiver
Purpose To perform non-professional direct patient care duties under the supervision of nursing personnel and to assist in maintaining a positive physical, social, emotional and spiritual environmen…
Travel Occupational Therapist Acute Care Job
Job Description Are you a skilled Occupational Therapist (OT) seeking a rewarding adventure in Acute Care? Pack your bags for a 12-week travel healthcare assignment in Augusta, Georgia, where the c…
Construction Financial Controller
Job Description Job Description Controller Job Description We are a high-end, rapidly growing asphalt maintenance and paving company in Marietta, Georgia looking for a motivated, reliable, ful…
Director of Facilities
Description Concord Hospitality is seeking a hands-on and solutions-focused Director of Facilities to lead all property security, maintenance and engineering operations. The ideal candidate is a…
Client Success Manager
Job Description Job Description Who We Are Roots is a wealth-building platform built on a simple belief: everyone deserves a real path to financial growth, and that path should feel achievable. …
Facility Cleaning Supervisor
Job Description Job Description Facility Cleaning Supervisor The Facility Cleaning Supervisor plays a crucial role in ensuring the cleanliness of facilities while also managing and supporting …
Field Subcontracts Manager
Why Black & Veatch Join the Black & Veatch Construction team and build with pride . As a 100% employee‑owned company, every role matters — you own your work, your impact, and your future. We le…
Travel Radiology Nuclear Medicine Tech Job
Job Overview TLC Nursing Associates, Inc. is seeking a skilled Nuclear Medicine Technologist to prepare and administer radiopharmaceuticals, perform high?quality diagnostic and therapeutic imag…
Traveling Construction Superintendent - Augusta, GA
Job Description Job Description Description: Gemini Construction Company, LLC Gemini Construction is the construction arm of Hull Property Group and specializes in performing all aspects of ret…
Warehouse Supervisor
Job Description Job Description We are looking for an experienced warehouse supervisor to manage and oversee all warehouse activities, ensure efficient processes, and maximize warehouse productiv…