SOC Vulnerability Management Team Lead - Senior

About The Position

Requirements

• U.S. Citizenship is required
• Security Clearance: Secret Eligible
• Required Certifications: DCWF Work Role 541-Vulnerability Assessment Analyst — Intermediate proficiency; must hold ONE OR MORE of the following: CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, Security+
• 7+ years of experience in cybersecurity
• Bachelors degree or higher in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering
• Experience coordinating vulnerability management operations, including scan scheduling, triage workflows, remediation tracking, and validation activities.
• Experience documenting findings and validating remediation in accordance with STIGs, IAVMs, RMF requirements, and DoD cybersecurity directives.
• Experience tracking POA&Ms and supporting continuous monitoring and audit readiness objectives.
• Experience developing or supporting operational metrics and compliance reporting related to vulnerability management performance.
• Experience coordinating with system owners, ISSOs, and engineering teams to drive mitigation of identified vulnerabilities.
• Experience supporting enterprise cybersecurity operations in classified and unclassified environments.
• Experience working within large, distributed enterprise environments with multiple stakeholders and operational dependencies.
• Ability to oversee technician tasking and maintain accurate records of vulnerability status, remediation progress, and validation results.

Responsibilities

• Lead daily vulnerability management activities across supported ARNG enterprise environments, including scan scheduling, triage, remediation tracking, and validation of corrective actions.
• Assign, monitor, and balance technician workload to ensure timely execution of vulnerability assessment and remediation objectives under Task 3 Cybersecurity Operations Support.
• Validate remediation effectiveness and configuration compliance against applicable STIGs, IAVMs, RMF requirements, and DoD/ARNG cybersecurity directives.
• Track POA&M status, prioritize high-risk vulnerabilities based on operational impact and threat posture, and support continuous monitoring and audit readiness activities.
• Coordinate with system owners, ISSOs, and engineering teams to drive timely mitigation of findings and maintain accurate vulnerability documentation and supporting artifacts.
• Support development of operational metrics, compliance reporting, and status products used to assess vulnerability trends, remediation performance, and program readiness.
• Integrate vulnerability management activities with enterprise compliance processes, including eMASS update and integration activities identified within the ENOCS cybersecurity operations framework.
• Coordinate with SOC and security operations stakeholders to ensure vulnerability data supports broader monitoring, analysis, and defense activities across ARNG classified and unclassified enclaves.
• Contribute to cybersecurity operations conducted in coordination with the NETCOM Global Cyber Center and DISA DCDC to help defend the DoDIN-Army-NG area of responsibility.
• Help maintain enterprise cyber resilience for ARNG missions spanning 54 states and territories by supporting continuous scanning, remediation, and compliance monitoring for a large-scale user and endpoint environment.