Vulnerability Manager

Dark Wolf Solutions is looking for a Vulnerability Manager to join our team. The successful candidate will will have relevant experience working across large enterprises with many locations and multiple networks. Day to day tasks will require working with large technical teams to scope, schedule, and remediate any vulnerabilities identified. The successful candidate will be responsible for working with the cyber security policy teams to ensure updated and accurate vulnerability information is being logged and reported.

Tasks may include assisting with:

• Taking the lead on reviewing vulnerabilities' data from multiple sources (i.e. external / internal penetration testing, internal / external vulnerability scanning, etc.) across multiple technologies to determine remediation path and schedule.
• Actively partnering with technology and tools teams to review vulnerabilities, plan remediation, monitor plan, schedule rescan, and report.
• Providing analysis and validation post remediation, opportunities for improvements and out of the box thinking for optimizations and solving road blocks.
• Developing vulnerability dashboard requirements to provide technical teams and executive leadership key data.
• Tracking and reporting the status of vulnerabilities and their remediation on a weekly basis.
• Developing and managing program vulnerability management standard operating procedures and processes that meet the client's vulnerability policies.
• Assisting in ensuring scan results are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.
• Assisting technical teams with the identification of baselines that will be subsequently scanned for compliance.
• Updating and maintaining project management artifacts, such as, risk registers, budgets, staffing plans, etc.
• Guiding technical and security teams in the development of POA&M’s as needed for vulnerabilities that have/will miss criticality timeframe targets.
• Improving and automating the existing vulnerability management lifecycle, including but not limited to: data ingestion & normalization, compliance metrics and detections on assets, composing reports and conducting briefings on the current posture of the organization.
• Staying current with vulnerability information across all of the technologies being used corporation wide. 
• Working to effectively communicate the risks of identified vulnerabilities and providing input to recommendations regarding the selection of cost-effective security controls to mitigate identified risks.
• Scheduling and performing reoccurring and on demand vulnerability and compliance scanning activities of both on-premise and cloud environments utilizing enterprise platforms.
• Assisting with the interfacing of third-party vendors and other groups to improve the overall security posture.
• Continuously investigating means of improvement for the security posture within the Enterprise as it relates to vulnerability management.

Required Qualifications:

• 5 years of related experience within professional services, vulnerability management, and compliance monitoring
• Previous experience working in classified environments 
• Demonstrated experience leading cybersecurity vulnerability management to include: analysis, recommendation and assistance with remediation
• Strong working knowledge of the Qualys scanning tool
• Technical understanding of a variety of technical concepts with focus on cloud computing, automation, networking, systems administration (Windows and Linux), application development, and information security best practices
• Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline
• US Citizenship and active Secret security clearance

Desired Qualifications:

• IT certifications such as: 
  
  • Certified Vulnerability Assessor (CVA)
  • Certified Ethical Hacker (CEH)
  • CIPP (Certified Information Privacy Professional)
  • CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information System Auditor)
  • CISSP (Certified Information Security Professional) or CISM (Certified Information Systems Manager) is a plus.
• Masters degree in a technical field

  This position is located in Sterling, VA with remote flexibility but on site for two days per week. The salary range for this position is $145,000-$160,000 commensurate on experience. 
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.