Vulnerability Manager
Sterling, VA (Hybrid/Remote)
Applications have closed
Dark Wolf Solutions
The Alphaof technology Dark Wolf Solutions operates at the nexus of mission and technology to meet our Nation's most challenging missions. JOIN THE PACK Connect Our Background About Us We combine the most innovative emerging technologies with...Dark Wolf Solutions is looking for a Vulnerability Manager to join our team. The successful candidate will will have relevant experience working across large enterprises with many locations and multiple networks. Day to day tasks will require working with large technical teams to scope, schedule, and remediate any vulnerabilities identified. The successful candidate will be responsible for working with the cyber security policy teams to ensure updated and accurate vulnerability information is being logged and reported.
Tasks may include assisting with:
- Taking the lead on reviewing vulnerabilities' data from multiple sources (i.e. external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies to determine remediation path and schedule.
- Actively partnering with technology and tools teams to review vulnerabilities, plan remediation, monitor plan, schedule rescan, and report.
- Providing analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving road blocks.
- Developing vulnerability dashboard requirements to provide technical teams and executive leadership key data.
- Tracking and reporting the status of vulnerabilities and their remediation on a weekly basis.
- Developing and managing program vulnerability management standard operating procedures and processes that meet the client's vulnerability policies.
- Assisting in ensuring scan results are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.
- Assisting technical teams with the identification of baselines that will be subsequently scanned for compliance.
- Updating and maintaining project management artifacts, such as, risk registers, budgets, staffing plans, etc.
- Guiding technical and security teams in the development of POA&M’s as needed for vulnerabilities that have/will miss criticality timeframe targets.
- Improving and automating the existing vulnerability management lifecycle, including but not limited to: data ingestion & normalization, compliance metrics and detections on assets, composing reports and conducting briefings on the current posture of the organization.
- Staying current with vulnerability information across all of the technologies being used corporation wide.
- Working to effectively communicate the risks of identified vulnerabilities and providing input to recommendations regarding the selection of cost-effective security controls to mitigate identified risks.
- Scheduling and performing reoccurring and on demand vulnerability and compliance scanning activities of both on-premise and cloud environments utilizing enterprise platforms.
- Assisting with the interfacing of third-party vendors and other groups to improve the overall security posture.
- Continuously investigating means of improvement for the security posture within the Enterprise as it relates to vulnerability management.
- 5 years of related experience within professional services, vulnerability management, and compliance monitoring
- Previous experience working in classified environments
- Demonstrated experience leading cybersecurity vulnerability management to include: analysis, recommendation and assistance with remediation
- Strong working knowledge of the Qualys scanning tool
- Technical understanding of a variety of technical concepts with focus on cloud computing, automation, networking, systems administration (Windows and Linux), application development, and information security best practices
- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline
- US Citizenship and active Secret security clearance
Desired Qualifications:
- IT certifications such as:
- Certified Vulnerability Assessor (CVA)
- Certified Ethical Hacker (CEH)
- CIPP (Certified Information Privacy Professional)
- CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information System Auditor)
- CISSP (Certified Information Security Professional) or CISM (Certified Information Systems Manager) is a plus.
- Masters degree in a technical field
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
Tags: Automation CEH CIPP CISA CISM CISSP Clearance Cloud Compliance Computer Science CRISC Linux Monitoring Pentesting POA&M Privacy Qualys Security Clearance Vulnerabilities Vulnerability management Windows
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs