Vulnerability Assessment Team Lead

About The Position

Requirements

• Minimum 5 years of experience performing enterprise vulnerability assessments.
• Strong background analyzing vulnerabilities and providing remediation instructions.
• Experience operating vulnerability scanning platforms and assessment tools.
• Knowledge of Application Security concepts and secure system implementation.
• Understanding of Firewall Management, ATP tools, access control, IDS/IPS, and protocol analysis.
• Familiarity with classified information handling requirements.
• Experience working in compliance-driven environments (FISMA, RMF, NIST).
• Strong analytical, communication, and reporting skills.
• TS/SCI Clearance required

Nice To Haves

• CISSP - Certified Information Systems Security Professional
• Certified Ethical Hacker (CEH) or one of the following: DoD 8570 IAT Level II or IAM Level I or CSSP Analyst / Incident Responder
• GCFA - GIAC Certified Forensic Analyst
• GCFE - GIAC Certified Forensic Examiner
• GREM - GIAC Reverse Engineering Malware
• GNFA - GIAC Network Forensic Analyst

Responsibilities

• Lead enterprise vulnerability assessment efforts and security testing activities.
• Perform vulnerability scanning and analysis across complex networks and systems.
• Provide clear, actionable remediation guidance and track remediation efforts to completion.
• Support the development, implementation, and maintenance of enterprise vulnerability management services and processes.
• Operate, configure, and optimize agency tools and technologies used for vulnerability testing, scanning, and threat identification.
• Review and update vulnerability management plans, policies, and documentation.
• Coordinate scanning schedules, scope, and requirements with stakeholders and system owners.
• Review, analyze, validate, and report vulnerability scan results and findings.
• Maintain a repository of vulnerability assessment tool and application issues; report issues to the Government VAT Team Lead and SSD Director.
• Apply Information Systems Security principles and relevant security methodologies across the vulnerability lifecycle.
• Assist with Application Security efforts, including secure configuration and vulnerability testing.
• Leverage understanding of Firewall Management and Advanced Threat Protection solutions.
• Apply expertise related to Access Control, Authorization, IDS/IPS, and protocol analysis.
• Ensure proper handling of sensitive and classified information protocol requirements.
• Ensure compliance with FISMA, NIST, and Risk Management Framework (RMF) standards.

Benefits

• Health/Dental/Vision
• 401(k) match
• Paid Time Off
• STD/LTD/Life Insurance
• Referral Bonuses
• professional development reimbursement
• parental leave