Data/Information Architect – Consultant - IA 26-04542

About The Position

Requirements

• 5+ years of experience with vulnerability management tools (e.g., Qualys, Tenable, Rapid7)
• 5+ years of experience in designing, deploying, and managing vulnerability management platforms
• 5+ years of experience with Windows and Linux operating systems
• Strong experience with CVSS scoring, POA&M tracking, and risk mitigation strategies
• Bachelor’s degree in Information Technology, Cybersecurity, or related field OR equivalent combination of education and relevant experience

Nice To Haves

• Familiarity with security frameworks (e.g., PCI DSS, NIST, ITIL, CVSS, MITRE ATT&CK)
• Experience with application security and scripting (Python, PowerShell, Bash)
• Experience leading enterprise or large-scale vulnerability management programs
• Local to or near Columbia, South Carolina (preferred)
• Advanced security certifications (e.g., CISSP, CISA, CISM or equivalent)
• Additional certifications such as CEH, OSCP, or GPEN

Responsibilities

• Support and enhance an enterprise-wide vulnerability management program
• Administer vulnerability management platforms, including configuration, policy setup, and reporting
• Analyze vulnerabilities, prioritize remediation efforts, and document residual risks
• Provide training and guidance on vulnerability management best practices
• Assist in the procurement, implementation, and optimization of security tools
• Develop and track Plans of Action & Milestones (POA&Ms) to ensure timely remediation
• Conduct system criticality and risk validation assessments
• Deliver regular reports and updates to stakeholders on vulnerabilities and risk posture