Vulnerability Management Specialist IV

About The Position

Requirements

• Bachelor’s degree in computer science, Information Systems, or related field.
• 8+ years of experience in vulnerability management with 8+ years in cybersecurity or IT operations.
• Proficient in Tenable/Nessus, Qualys, and ACAS.
• Must meet DoD 8570 IAT Level II requirements.
• Must have active Top Secret Clearance. With SCI eligibility.
• Knowledge, Skills, and Abilities: Proficiency with vulnerability scanning tools: Tenable/Nessus, Qualys, ACAS.
• Excellent communication, leadership, and project management skills.
• Familiarity with HBSS/ESS, STIGs, and patch management systems.
• Strong understanding of CVE/CVSS scoring, vulnerability databases, and threat modeling.
• Experience with RMF, POA&M, and DoD cybersecurity compliance frameworks.
• Ability to assess risk and impact of vulnerabilities in complex environments.
• Skilled in correlating scan data with asset inventories and mission priorities.
• Capable of developing and executing vulnerability mitigation strategies.
• Ability to brief executives and collaborate across cross-functional teams.
• Strong organizational skills, with excellent verbal and written ability.
• Ability to work both independently and within a team.
• Ability to meet minimum clearance requirements.
• Ability to work nights, weekends, and holidays as required.
• Ability to travel up to 10%.

Nice To Haves

• Certifications: CEH or equivalent desired.

Responsibilities

• Lead vulnerability lifecycle management across enterprise systems.
• Correlate vulnerability scan results (e.g., Tenable, Nessus, ACAS) with asset inventories and mission risk.
• Drive patch prioritization aligned with threat intelligence. Supports RMF and POA&M inputs.
• Lead vulnerability identification, analysis, and remediation across enterprise systems.
• Conduct and correlate vulnerability scans using tools such as Tenable/Nessus, Qualys, and ACAS.
• Align vulnerability findings with asset inventories and mission-critical systems.
• Perform criticality assessments and prioritize patching based on CVE/CVSS scores and threat intelligence.
• Coordinate mitigation efforts with IT, security, and operations teams.
• Maintain and update vulnerability management policies, procedures, and documentation.
• Support RMF (Risk Management Framework) compliance and contribute to POA&M inputs.
• Deliver executive-level briefings and reports on vulnerability status and remediation progress.
• Stay current with emerging threats, vulnerabilities, and mitigation strategies.
• Other duties as assigned.

Benefits

• At Chenega MIOS, we know that great people make a great organization. We value our team members and offer them a broad range of benefits.
• At Chenega MIOS, our professional development plan focuses on helping our team members at every level of their careers to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn.
• We offer opportunities to help sharpen skills in addition to hands-on experience in the global, fast-changing business world. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their careers.