Vulnerability Manager Level 2 with Security Clearance

Job Duties * Vulnerability management requires preemptive actions to identify, remediate, and mitigate vulnerabilities to prevent exploitation. * The VM receives vulnerability input, direction, and guidance from multiple sources and takes directed action to effectively mitigate vulnerabilities in order to protect networks. * Leverages an operational understanding of current vendor remediation''s to prioritize vulnerability escalation procedures and integrates continuous monitoring to ensure mitigations fall within prescribed timelines.Required Skills: * US Citizens Only* Active TS/SCI Clearance and Polygraph required* Minimum of four (4) years of demonstrated experience as a VM in programs and contracts of similar scope, type, and complexity is required.* A technical bachelor''s degree from an accredited college or university may be substituted for two (2) years of VM experience on projects of similar scope, type, and complexity.* Two (2) years of demonstrated experience in technical reporting.* Two (2) years of demonstrated experience in network and threat analysis.* Knowledge of cyber threats and vulnerabilities.* Determine overall Common Vulnerabilities and Exposures (CVE) priority when threat activity is identified; report incidents that may cause immediate and/or ongoing impact to the environment.* Monitor and provide periodic system owners vulnerability mitigation completion updates.* Knowledge of system and application security threats, vulnerabilities, and cyber attackers.* Monitor external data sources to determine which security issues may have an impact on the enterprise.* Identify, develop, and determine mitigation or remediation actions for system and network vulnerabilities.* Communicate written and verbal information in a timely, clear, and concise manner.* Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).* Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks)* Knowledge of system administration, network, operating system hardening techniques, and the risk management process.* Knowledge of specific operational impacts of cybersecurity lapses and organization''s threat environment.* Recommend impact/risk assessments to identify systemic security issues based on the analysis of vulnerability and configuration data.* Document and escalate incidents (including event''s history, status, and potential impact for further action); recommend mitigations that will have immediate impact to the environment.* Perform after-action reviews of team products to ensure completion of analysis.* Lead and mentor team members as a technical expert.

Created: 2025-11-15