Vulnerability Management Lead, Top Secret

About The Position

Requirements

• 10 + years of related experience
• Experience overseeing vulnerability management programs and security assessments (cloud, enterprise, OT) for large-scale federal environments, including penetration testing and SOC evaluation.
• Demonstrated ability to manage remediation workflows, automated tracking, and risk acceptance processes aligned to federal frameworks (e.g., FISMA, NIST) and CISA standards.
• Familiarity with red/blue/purple-team practices, phishing assessment design, and PoC exploit development to validate controls and detection logic.
• Strong communication and reporting skills (status reports, kickoffs, out-briefs) with a focus on measurable mission impact.
• 5 years of management of cybersecurity teams
• Experience integrating AI/ML-enabled tools into vulnerability discovery, risk scoring, and remediation workflows, including automated analysis pipelines and machine-readable assessment outputs.
• Demonstrated ability to evaluate and operationalize AI-assisted threat emulation, automated adversary simulation systems, or model-driven red-team augmentation capabilities.
• Familiarity with AI/ML analytics used for detection logic improvement, control effectiveness measurement, and identification of systemic weaknesses across large-scale enterprise or cloud environments.
• Hands-on experience using or overseeing AI-powered reporting and governance workflows, such as automated dashboarding, NLP-based narrative generation, or predictive remediation analytics.
• Knowledge of federal AI governance and risk management principles (e.g., NIST AI RMF, agency-specific AI policies) and the ability to ensure responsible, auditable, and compliant use of AI within cybersecurity operations.
• Practical understanding of ML-driven behavioral analysis, anomaly detection, and adversary behavior modeling tools employed in SOC evaluation, emulation exercises, or continuous monitoring programs.
• Experience managing teams that utilize cyber range automation platforms or AI-enabled orchestration tools to configure, deploy, and validate secure test environments rapidly and consistently.
• Ability to assess and validate output from AI/ML systems.

Nice To Haves

• Experience with threat emulation/simulation environments and cyber-range operations that replicate adversary target spaces.
• Background turning adversary behavior insights into analytics and detection logic enhancements.
• Relevant certifications (e.g., CISSP, OSCP, GPEN, GICSP)
• Familiarity with CISA Cyber Performance Goals and NIST control baselines.

Responsibilities

• Oversee teams conducting comprehensive site-based and remote assessments supporting vulnerability management, compliance validation, and ad-hoc inspection needs.
• Ensure detailed assessments of technical and non-technical controls across cloud, bare-metal, and OT/ICS systems are aligned to NIST frameworks, Federal guidance, and Cyber Performance Goals.
• Direct tailored test plans.
• Oversee assessments of performance using red-, blue-, and purple-team methodologies.
• Manage automated system and web-application scanning, phishing assessments, and development of customized plugin policies.
• Enforce clear operational oversight practices—weekly status reports, daily assessment updates, formal kickoffs, and structured out-briefs.
• Oversee end-to-end management of assessment findings—advising system owners on corrective actions and ensuring vulnerabilities are prioritized, fixed, mitigated, or appropriately risk-accepted (where/when applicable).
• Direct delivery of automated remediation tracking, trend analysis, and documented mitigation strategies.
• Ensure machine-readable assessment outputs are produced and that CISA-standard tools, techniques, and procedures are utilized.
• Integrate artificial intelligence/machine learning (AI/ML)-enabled vulnerability discovery and enrichment tools.
• Leverage ML-driven risk scoring models to support prioritization of remediation actions, incorporating threat intelligence, exploitability indicators, adversary behaviors, and mission impact.
• Implement AI-assisted analytics to evaluate remediation trends, predict control failures, and provide early warning indicators.
• Employ automated reasoning and natural language processing (NLP) technologies.
• Oversee integration of AI-powered attack simulation, red-team automation, and adversary emulation platforms.
• Direct the use of AI-based anomaly detection and behavior modeling.
• Ensure assessment and remediation workflows are compatible with AI-enabled orchestration platforms, allowing real-time synchronization of findings, automated task assignment, and predictive remediation timelines.
• Guide adoption of ML-assisted configuration baselining and drift detection capabilities that alert teams to deviations from secure architectures and federal benchmarks.
• Promote responsible and compliant use of AI/ML in vulnerability management.
• Oversee teams that emulate and simulate real-world threat actors in live and synthetic environments.
• Ensure the creation and operation of realistic, secure, and rapidly reconfigurable emulated network environments for representative cyber-range experimentation.
• Direct reproduction of adversary behaviors (intelligence-derived TTPs, open-source reporting, government-provided data) in test/evaluation environments to improve detection and prevention.
• Oversee red- and blue-team exercises on emulated networks using realistic tools, malware, and tradecraft.
• Ensure adversary behavioral characteristics from emulation activities are collected and transformed into improved analytics, detection logic, and defensive process enhancements.
• Employ ML-based behavior modeling engines to create adaptive threat actors.
• Use AI-assisted cyber range orchestration tools to configure, deploy, and reset complex emulated environments, enabling faster test cycles.
• Implement AI/ML analytics to evaluate telemetry captured from emulation and simulation events, identifying defensive blind spots, response gaps, and control weaknesses.
• Leverage machine learning to generate synthetic malware variants, exploit chains, and network behaviors that stress test signature-based and behavior-based detection mechanisms.
• Direct the use of autonomous or semi-autonomous red-team augmentation tools.
• Incorporate AI-powered anomaly detection systems into blue-team exercises to evaluate how effectively defensive tools and analysts perform.
• Ensure adversary emulation telemetry is transformed into machine-readable threat intelligence artifacts (e.g., STIX, ATT&CK-mapped behavioral profiles).
• Maintain continuous communication with system owners and stakeholders.
• Recommend innovative processes and technologies that modernize assessment efficiency and accuracy, enabling scalable methodologies.
• Drive analytic rigor by producing custom testing artifacts and enhancing tooling/processes used across engagements.
• Implement AI-enabled reporting workflows that automatically transform machine-readable assessment data into tailored dashboards, executive summaries, and audit-ready artifacts aligned with federal and CISA reporting standards.
• Employ natural language processing (NLP) tools to analyze assessment narratives, finding trends, common control failures, and opportunities for standardization or process optimization.
• Suggest the integration of AI-assisted governance tools that predict remediation timelines, estimate risk reduction outcomes, and support decision-making for prioritizing enterprise-level mitigation actions.
• Use machine learning to continuously evaluate the effectiveness of assessment methodologies and control validation processes, recommending evidence-based improvements to increase precision and reduce manual effort.
• Propose the adoption of generative AI tools to prototype new testing artifacts, emulate threat conditions, and accelerate the development of reusable templates that enhance efficiency across teams.
• Ensure responsible, transparent, and auditable use of AI/ML technologies within governance and reporting workflows, aligned with federal AI risk management practices and agency-specific policies.

Benefits

• 401K with company match
• Comprehensive health and wellness packages
• Internal mobility team dedicated to helping you own your career
• Growth opportunities including paid education and certifications
• Access to cutting-edge technology to stay ahead of the mission
• Rest and recharge with paid vacation and holidays
• Variety of medical plan options, some with Health Savings Accounts
• Dental plan options
• Vision plan
• Ability to contribute both pre and post-tax dollars to 401(k) up to the IRS annual limits and receive a company match
• Full flex work weeks where possible
• Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
• Short and long-term disability benefits
• Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.