Security Vulnerability Team Lead

Hello,
Hope you are doing well,

Job: PennDOT - TAS2 A4 SC2 (Security Vulnerability Team Lead) (760722)
Location : Harrisburg, PA.
Duration: Long Term
Client : state of PA


PennDOT seeks a Security Vulnerability Team Lead.


Candidate must pass PATCH + required Pennsylvania State Police background check and cannot have any felony offenses.

***Initial interview is virtual via Teams and follow up is on site (PennDOT IT, 2221 Forster Street, G13, Harrisburg, PA 17103).***


***This position is currently remote and locally in the office when required.***


***For first day processing, possible badging and to pick up commonwealth-issued equipment candidate must physically report on site. PennDOT is not responsible for parking costs.***


***Client would prefer candidates that reside within two hours of Harrisburg, PA.***


***This position requires someone with exceptional written and verbal communication skills.***


***This requisition's current PO is funded through 6/30/25, so use that date in the RTR. Contract end date is dependent on the final schedule and projected needs. Historically additional funding should then last a year and occur from 7/1/25-6/30/26.***

Overview

A minimum of 5 years of experience is required for the position as well as each of the technical skillsets.

This candidate serves as the Security Vulnerability Team Lead within the Information Security Office of Pennsylvania's Infrastructure and Economic Development IT Delivery Center (IED DC) which includes the Department of Transportation (PennDOT), PA Emergency Management Agency (PEMA) and the Department of Community and Economic Development (DCED).

Job Responsibilities
• Primary role is as the subject matter expert (SME) for the management and administration of the delivery center's vulnerability management program.
• Conduct regular vulnerability assessments and tests to identify security weaknesses in systems and applications.
• Collaborate with compliance teams to ensure adherence to regulatory requirements and industry standards related to security vulnerabilities.
• Coordinate with IT and development teams to prioritize vulnerabilities and ensure timely remediation actions are taken.
• Stay informed about the latest security trends, threats, and best practices to continuously improve the vulnerability management process.
• Prepare and present vulnerability management reports to senior management, highlighting key findings and recommendations.
• Provide training and awareness programs for staff on security vulnerabilities and best practices for risk mitigation.
• Facilitate incident response activities related to vulnerabilities and coordinate with external partners as necessary.
• Demonstrates good judgement and problem-solving skills. Reacts and adapts to changing circumstances rapidly.
• Leverages Commonwealth incident tracking and ticketing systems to receive tasks from other units, delegate tasks to other units, prioritize daily tasks, document actions taken, and the final resolution for tasks completed.
• Provides on call and/or emergency support, including after-hours as needed.
• Adheres to established service management processes and procedures.
• Performs all other related duties as assigned.

Requirements
• Extensive experience with Tenable Security Center a must. Certifications are a plus.
• Familiarity with DAST tools such as Rapid 7 AppSpider.
• Technically proficient and experienced with Windows and Linux operating systems and system hardening.
• Knowledge of regulatory compliance standards relevant to cybersecurity
• Experience with risk assessment methodologies and frameworks (e.g., NIST, FAIR)
• Professional oral and written communication skills.
• Strong understanding of network protocols and technologies (e.g., OSI Model, TCP/IP, firewalls, intrusion detection systems)
• Excellent soft skills such as listening, presenting, and negotiating.
• Must pass required Pennsylvania State Police background check.
• Cannot have any felony offenses.
• Ability to work remotely/and locally when required.
•Extensive experience with Tenable Security Center a must. Certifications are a plus


Required


5


Years


Familiarity with DAST tools such as Rapid 7 AppSpider


Required


5


Years


Technically proficient and experienced with Windows and Linux operating systems and system hardening


Required


5


Years


Knowledge of regulatory compliance standards relevant to cybersecurity


Required


5


Years


Experience with risk assessment methodologies and frameworks (e.g., NIST, FAIR)


Required


5


Years


Strong understanding of network protocols and technologies (e.g., OSI Model, TCP/IP, firewalls, intrusion detection systems)


Required


5


Years


Excellent soft skills such as listening, presenting, and negotiating


Required

Must pass required Pennsylvania State Police background check and cannot have any felony offenses


Required

Ability to work remotely/and locally when required


Required

Professional oral and written communication skills

Thanks & Regards.

An E-Verify Company


DISCLAIMER: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer or if you want to be REMOVED please reply with REMOVE in the Subject line of this email.