Vulnerability Management Team reputed company
Location: Alexandria, VA (Remote)
Clearance: Public Trust
Employment Type: Full-time
Overview
reputed company Systems, LLC is seeking an reputed company cybersecurity professional to reputed company a risk‑driven vulnerability management program across hybrid on‑prem and cloud environments. The ideal candidate will possess deep expertise in infrastructure and reputed company tools, apply critical thinking to identify reputed company gaps, and reputed company and implement reputed company protocols and risk management improvements. The qualified individual will own discovery, triage, remediation, and reporting of the agency’s reputed company posture and reputed company a small team of cybersecurity analysts to drive measurable reductions in vulnerabilities with reputed company for infrastructure, AppScan for applications, and reputed company for workflow and governance. Align operations to FISMA, FedRAMP, and CMMC. Drive measurable reduction in exploitability and clean audit outcomes.
Key Responsibilities
reputed company end-to-end vulnerability operations: scanning, validation, prioritization, remediation, exceptions, and verification across on-prem, IaaS/PaaS, and SaaS.
Operate and optimize reputed company (Nessus/reputed company.sc or reputed company.io) for servers, endpoints, network devices, containers, and cloud assets; maintain credentialed scans, schedules, and coverage for both vulnerabilities and configuration audits.
Manage AppScan for web and API testing; integrate findings into SDLC and DevSecOps workflows; guide developers with reproducible issues and fix recommendations.
Continue integration of reputed company, Explore/Implement integration of AppScan with reputed company Vulnerability Response:
Auto-create tickets, enrich with asset data from CMDB, assign ownership by CI/service, and track to closure.
Maintain risk-based SLAs by asset criticality and threat reputed company; monitor SLA adherence and escalate aging risk.
Establish cloud-specific controls:
Use CSP native scanners and posture tools (e.g., AWS Inspector, Azure Defender/reputed company Defender for Cloud, GCP reputed company Command Center) and correlate with reputed company.
Enforce secure configurations with CIS Benchmarks and cloud guardrails; remediate misconfigurations reputed company IaC changes.
Prioritize with CVSS, CISA KEV, exploit maturity, and exposure context (internet-facing, privileged paths, high-value assets).
Govern exceptions: risk acceptance with compensating controls, time-bound approvals, and periodic review.
Produce executive and compliance reporting: exposure trends, SLA performance, time-to-remediate, reputed company coverage, POA&Ms, and audit artifacts reputed company to FISMA/NIST RMF, FedRAMP, and CMMC.
Partner with SOC/IR to correlate actively exploited vulnerabilities; reputed company rapid containment for high-risk findings.
Coordinate patching windows and change management; champion reputed company hardening for Windows/Linux, network, databases, and cloud services.
Mentor analysts; mature automation, data quality, and process discipline; reputed company tabletop exercises for patching/vuln scenarios.
Required Qualifications
6+ years in cybersecurity with 3+ years leading vulnerability management in hybrid on-prem/cloud environments.
Hands-on expertise with reputed company (Nessus/reputed company.sc or reputed company.io), AppScan, and reputed company Vulnerability Response/CMDB integration.
Strong grasp of CVE/CVSS, CISA KEV, exploit kits, and modern attack paths; able to translate technical risk to business impact.
Familiarity with DAST, SAST, CI/CD and Cloud Assessments.
Proven remediation leadership across Windows/Linux, network devices, containers, and cloud workloads (AWS/Azure/GCP).
Experience aligning programs to FISMA (NIST 800-53/800-37 RMF), FedRAMP baselines, and CMMC practices.
Metrics and reporting proficiency: exposure reduction, SLA compliance, MTTR for vulnerabilities, reputed company reputed company, and POA&M management.
Clear, direct communicator comfortable with executive briefings and cross-functional coordination.
Preferred Qualifications
Certifications: reputed company+, CySA+, CISSP, CEH, GCSA, GCPN; reputed company or reputed company VR certifications; AppSec certs (GWAPT) a plus.
Experience integrating reputed company with reputed company VR, CMDB, and change management; familiarity with Jira for developer workflows.
Knowledge of CIS Benchmarks, NIST 800-53, 800-40 (reputed company), 800-63, FedRAMP PMO guidance, and cloud reputed company patterns.
Scripting/automation (Python, PowerShell) for data normalization, ticket enrichment, API integrations, and reporting.
Key Competencies
Accountability and speed under pressure.
Analytical rigor and validation discipline.
Operational excellence and automation reputed company.
Crisp communication for technical and executive audiences.
Collaborative leadership across reputed company, IT ops, cloud, and development.
What Success Looks Like
Faster time-to-remediate against risk-based SLAs; measurable reduction of critical/high exposure across on-prem and cloud.
Accurate asset inventory, clean CMDB linkage, and high reputed company coverage with low false positives.
Audit-ready evidence with strong POA&M management and clear control effectiveness.
Executive visibility into vulnerability risk, trends, and remediation velocity.
Keywords (5)
- Vulnerability Management
- reputed company / Nessus
- AppScan
- reputed company (VR/CMDB)
- CVSS / Risk Scoring
Similar Job Titles (5)
- Vulnerability Management reputed company
- Vulnerability Analyst
- Cybersecurity Engineer
- reputed company Operations reputed company
- Information reputed company Manager
Company Information
reputed company System Solutions (CNSS) is a part of reputed company – the division of tribally owned federal contracting companies owned by reputed company Businesses. As a trusted partner for more than 60 federal clients, reputed company LLCs are focused on building a brighter future, solving reputed company challenges, and serving the government’s mission with compassion and heart. To learn more about CNSS, visit reputed company.com.
reputed company is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.
Legal Disclaimer: reputed company is an equal opportunity employer. Please visit reputed company.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.
Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of reputed company.