Risk-Based Asset Manager (R-00144)

About The Position

Requirements

• Bachelor’s degree in Information Technology, Information Systems, Computer Science, Computer Engineering, Electrical Engineering, or related technical field; or equivalent additional experience
• 7+ years of total professional experience
• 5+ years of technical experience in vulnerability management, configuration management, database hardening, or related security operations
• Experience leading technical teams or workstreams in dynamic environments
• Strong experience managing vulnerability remediation efforts across enterprise environments
• Experience using vulnerability scanning tools such as Tenable/Nessus
• Strong experience establishing, maintaining, and enforcing configuration baselines
• Familiarity with remediation practices across Windows, Linux, network devices, containers, and cloud platforms
• Strong knowledge of CVE, CVSS, NVD, and the CISA KEV catalog
• Strong knowledge of configuration management principles and secure baseline enforcement
• Familiarity with DISA STIGs, CIS Benchmarks, and secure hardening practices
• Experience with enterprise dashboards, reporting, and ticketing workflows
• Experience with scripting and automation using tools such as Python, PowerShell, Bash, or similar
• Experience with a wide range of database technologies including:
• Relational databases: Oracle, PostgreSQL, MySQL, MS SQL
• NoSQL Databases: MongoDB
• Cloud-native databases: AmazonRDS, Azure SQL, DynamoDB
• Familiarity with DevSecOps and CI/CD pipeline concepts
• Ability to assess and secure on-premises and cloud-hosted database environments
• Experience with audit logging, encryption, masking, and technical evidence generation for compliance needs
• Strong written and verbal communication skills
• One active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or comparable
• One active Agile certification such as PMI-ACP, SAFe Agilist, CSM, or comparable

Responsibilities

• Oversee RBAM projects, schedules, milestones, and team execution
• Facilitate meetings and brief leadership on status, risks, priorities, and progress
• Direct and support enterprise vulnerability scanning, analysis, remediation prioritization, and reporting
• Guide the development and enforcement of secure configuration baselines across systems and platforms
• Coordinate database hardening, patching, scanning, and compliance activities with stakeholders
• Review cyber hygiene findings and translate results into actionable remediation plans
• Support evaluation of new technologies and products through security review and software approval processes
• Develop or enhance dashboards, reporting, and metrics to improve visibility into risk and remediation progress
• Support process improvement, automation, and operational maturity efforts across the RBAM function
• Ensure work products, reporting, and technical activities align with DHS, client, and federal cybersecurity expectations
• Lead and coordinate vulnerability management, configuration management, and database hardening activities

Benefits

• Competitive salary, paid twice per month
• Best in class medical coverage
• 100% of medical premiums covered by True Zero
• Company wide new business incentive programs
• Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
• 3 weeks of PTO starting + 11 Paid Holidays Annually
• 401k Program with 100% company match on the first 4%
• Monthly reimbursement of Cell Phone and Home Internet costs
• Paternity/Maternity Leave
• Investment in training and certifications to broaden and deepen your technical skills