Vulnerability Management & Remediation Coordination Lead

About The Position

Requirements

• 8 years of experience in Vulnerability Inventory and Baseline Establishment
• 8 years of experience Risk Classification and Prioritization
• 8 years of experience in tracking vulnerability remediation
• 8 years of experience in producing status reports
• 8 years of experience in validating remediation actions through available evidence, including vulnerability scan results
• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.
• Exceptional interpersonal skills with the ability to communicate in a clear, professional, and articulate manner.
• Exceptional verbal and written communication skills.
• Excellent organizational, analytical, and problem-solving skills with high-level attention to detail.
• Proven ability to multitask and prioritize in a fast past environment with changing priorities; adaptable to change and a quick learner.
• Must be self-motivated and able to work well independently as well as on a multi-functional team.
• Ability to handle sensitive and confidential information appropriately
• Proficient in MS Office, Word, Outlook, PowerPoint, and Excel.
• Ability to build trust and maintain relationships across technical and business teams.

Nice To Haves

• Additional qualifications, certifications, skills, or experience specific to the client’s requirements may be identified and requested upon award of the task order. Candidates should demonstrate flexibility and a willingness to adapt to evolving responsibilities as outlined by the client.

Responsibilities

• Review the Agency’s existing vulnerability data, including vulnerabilities identified through scanning, assessments, or other security tools.
• Establish and maintain a consolidated vulnerability baseline.
• Develop and document a remediation timeline for all identified vulnerabilities, reflecting current risk posture and aging.
• Ensure that vulnerabilities are categorized and prioritized based on risk, severity, exploitability, and potential impact to Agency operations.
• Align vulnerability classification and prioritization to applicable NIST guidance.
• Validate that remediation timeframes align with Agency established expectations for different vulnerability risk levels.
• Coordinate remediation activities with system, server, and application owners.
• Communicate clear remediation expectations, risk context, and required timelines to responsible parties.
• Track remediation progress and identify blockers, dependencies, or delays impacting closure.
• Escalate overdue, high risk, or critical vulnerabilities to appropriate Agency governance or oversight bodies, in accordance with Agency processes.
• Maintain ongoing tracking of vulnerability remediation status.
• Produce periodic status reports summarizing.
• Validate remediation actions through available evidence, including vulnerability scan results or other supporting artifacts.
• Confirm closure of vulnerabilities in tracking systems once remediation is completed and validated.
• Ensure vulnerabilities that cannot be remediated within required timeframes are formally documented and supported by approved risk acceptance or exception documentation, in accordance with Agency policy.
• Identify process gaps, systemic issues, or control weaknesses affecting vulnerability remediation effectiveness.
• Provide recommendations for improving vulnerability remediation processes and accountability, aligned with NIST standards and Agency governance requirements.
• Other duties as assigned.

Benefits

• Medical, Dental and Vision Insurance
• Wellness Program
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
• Short-Term and Long-Term Disability options
• Basic Life and AD&D Insurance (Company Provided)
• Voluntary Life and AD&D options
• 401(k) Retirement Savings Plan with matching after one year
• Paid Time Off