Sr IT Security/Vulnerability Management Specialist
AAC
Sr IT Security/Vulnerability Management Specialist AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer (ISSO) and play a critical part in safeguarding organization’s IT infrastructure. You will be part of a broader IT program that provides end-to-end support—including help desk, systems, network, incident response and security services—ensuring the availability, integrity, and confidentiality of mission‑critical systems. Responsibilities Lead the agency’s vulnerability management lifecycle using Tenable.sc, Tenable.io, Nessus Manager, and Nessus scanners (on‑prem and cloud). Analyze, prioritize, and track remediation of vulnerabilities in coordination with IT operations and system owners. Maintain scan schedules, asset groups, scan policies dashboards, and reports tailored to agency infrastructure and communicate risk posture and remediation progress to relevant infrastructure, application, and cloud teams to remediate vulnerabilities. Define the scanner and security center architecture, refine data flows and synchronizations, tune scanning configurations to minimize false positives and ensure the best coverage. Develop and maintain documentation for system setup, operation, vulnerability management processes, exceptions, and remediation tracking. Support implementation of security projects that require compliance with relevant government policies or standards. Act as SME for vulnerability management tools and processes. Ensure systems and practices comply with FISMA and FedRAMP‑related Security Assessment and Authorization (SA&A) and compliance for the organization’s IT programs. Assist in coordination, implementation, communication, and enforcement of the organization’s IT security policies. Support incident response. The position requires on‑site presence 3 to 5 days per week. The on‑site requirements are subject to change based on the needs and requirements of the organization. Required Experience Requirements: Requires bachelor’s degree in computer science, cyber security, engineering, or a related technical field. Additional experience and relevant certifications may be considered in lieu of a degree. 5-7 years of progressive and related experience in IT security with at least 3 years in vulnerability management. Expert knowledge of IT security vulnerabilities and risk assessments with the ability to explain the risks associated with them to executives, program, and technology staff. Expert knowledge of Tenable.sc (on‑prem) and Tenable.io (cloud). Strong knowledge of vulnerability management lifecycle, patch management, and risk scoring (e.g., CVSS2). Familiarity with cloud platforms (AWS and GCP) and hybrid environments. Understanding of Windows, Linux/Unix, and network devices security hardening. Ability to work with program staff, executives, security application vendors and technology staff to achieve IT security goals and objectives. Experience developing and maintaining Security Assessment and Authorization (SA&A) documentation for large IT systems for the Federal Government. Excellent working experience in applying FISMA, and FedRAMP processes and policies to information systems. Experience with Checkmarx and Checkmarx One (SaaS). Migration experience to Checkmarx One is desirable. Strong communication skills (both technical and non‑technical) and ability to collaborate across IT, security, and business units. Ability to effectively communicate orally and in writing. Experience supporting a nationwide mid‑to large Federal agency enterprise is a plus. CISSP certification required (ability to obtain within 6 months of start). Must obtain an agency public trust suitability determination prior to start date. Desired Qualifications Experience with scripting and automation (e.g., Python, PowerShell) to automate scanning tasks, reporting, and API integrations; administration and operation of security scanning and vulnerability management platforms such as Nessus. Deep expertise with SIEM platforms and integration of vulnerability data into enterprise monitoring. Understanding of the Secure Software Development Life Cycle. Master’s degree or additional security or cloud certifications (e.g., CISM). #J-18808-Ljbffr AAC
- ...Performed AnaVation is seeking a Sr. Security Specialist (ISSO) for our mission... ..., and experienced in managing the security of a system's... ...Authority to Operate (ATO) for IT systems Creating and maintaining... ...Ms Reviewing and analyzing vulnerability scan data and providing...SeniorTemporary workWork at officeImmediate start
$140.5k - $210.5k
Sr. Cybersecurity Analyst II (Sr Vulnerability Analyst) - Information Technology Primary Location: DC‑Washington... ...to protect the Board’s IT assets. Utilizes firewalls,... ...protection, data analysis platforms, security information and event management (SIEM) systems, and security...SeniorWork at officeRelocation- ...Technology LLC seeks an experienced IT Systems Security Operations Analyst to support federal... ...DC. This full-time position involves managing enterprise cybersecurity operations and... ...experience in patch management and vulnerability management, as well as familiarity with...SuggestedFull timeRemote work
- Aac-Inc is looking for a Senior IT Security/Vulnerability Management Specialist in Bethesda, Maryland. In this key role, you will lead the vulnerability management lifecycle and closely collaborate with teams to ensure compliance with federal standards. You should have...Senior3 days per week
- kozmetickesluzby.vecnakraska.sk - Jobboard is seeking a Cybersecurity Vulnerability Analyst (Incident Manager III) in Arlington, Virginia. This role focuses on... ...across locations. Required skills include network security knowledge and hands-on experience as a SOC Analyst or...Senior
- ...cybersecurity professional to design and deploy security controls to protect vital systems and... ...experience with a strong grasp of vulnerability management and risk assessment. The ideal candidate will collaborate with IT teams, conduct security reviews, and develop...Senior
$140.5k - $210k
...and measures to protect the Board’s IT assets and ensure the Board’s... ...defense in depth solution with a central security information and event management (SIEM) system and security... ...remediation. Oversees implementation of vulnerability scans and ensures operational systems...SeniorFull timeWork at office- ...cybersecurity services company is seeking a full-time Endpoint Vulnerability Management SME to join their team in Bethesda, MD. The ideal candidate... ...a related field and 5-10 years of experience in endpoint security. This role offers benefits such as health insurance and a 4...SeniorFull time
- VTG Defense is seeking an Information Systems Security Engineer (ISSE) to design, implement, and maintain security controls across... ...with ISSOs, system administrators, and developers to remediate vulnerabilities, perform risk analyses, and ensure robust security...Senior
- A leading cybersecurity consultancy is seeking a Cybersecurity Vulnerability Analyst based in Arlington, VA. The role requires an active Top Secret Security Clearance and 5+ years of experience, focusing on vulnerability analysis for federal clients. Candidates must exhibit...Senior
- ...Washington D.C., is looking for cybersecurity specialists ready to tackle critical cybersecurity... ...Top Secret clearance, 5-7 years of IT security experience, and a strong background in... ...security policies, and analyzing vulnerability assessments. Join a team of exceptional...Senior
- ...is recruiting cybersecurity specialists who want to challenge... ...clients to help solve national security problems. Job Description... ...Compliance, Information Assurance Vulnerability Management Compliance, Inspection... ...) 5-7 years experience in IT security, including Certification...Senior
- Diverse Systems Group, LLC seeks an Information Assurance/Security Specialist to safeguard the confidentiality, integrity, and availability of Walter Reed National Military Medical Center information systems. You will implement security controls, conduct risk assessments...Senior
- ...and services integrator in Washington is seeking a Risk and Vulnerability Analyst II to support its vulnerability assessment and risk analysis... ...scan issues, and improving enterprise visibility into security weaknesses. Candidates should have 3-5 years of security-related...Contract workWeekend workAfternoon shift
- ...Senior Cloud Security Specialist 100% ONSITE in Washington DC Per Federal... ...DESCRIPTION: The IT Security Engineering team is... ...related to Identity and Access Management (IAM), security engineering... ...zero trust, DevSecOps and vulnerability management. Technical...SeniorContract workLocal area
- Fusion Technology is seeking an Information Systems Security Officer (ISSO) in Washington, DC. The ideal candidate will have a Bachelor... ...include implementing security practices, conducting vulnerability scans, and serving as a liaison for IS security. Fusion Technology...Senior
$80k - $130k
Overview VTG is seeking a Sr. Information System Security Specialist to support the Navy located at the Washington... ...a working knowledge of the Risk Management Framework (RMF) process and/or include... ...processes. Plan and coordinate the IT security program and policies...SeniorContract workWork experience placement- ...Principal Vulnerability Researcher Zetier is seeking Principal Vulnerability Researchers to analyze and counter malicious software and... ...gdb, Binja, IDA Pro) Ability to obtain and maintain a U.S. security clearance Desired: Experience developing/defeating...
$88.4k - $154.7k
...Physical Security Specialist (PhySS) In a world of possibilities, pursue one with endless... ...with stakeholders to address security vulnerabilities and implement corrective actions.... ...Provide training on SCIF protocols and manage documentation for accreditation and compliance...Flexible hours- ...Senior Cloud Security Specialist 100% ONSITE in Washington DC Per Federal... ...DESCRIPTION: The IT Security Engineering team is... ...related to Identity and Access Management (IAM), security engineering... ...zero trust, DevSecOps and vulnerability management. Technical...SeniorContract workLocal area
- A leading security services provider is seeking a Senior Security Test & Evaluation Analyst to implement extensive security testing and assess vulnerabilities. The role requires deep expertise in ethical hacking, network security, and the ability to conduct thorough security...Senior
$104.73k - $160k
Mission Technologies, a division of HII, is seeking an Information System Security Manager (ISSM) based in Alexandria, VA. The ideal candidate will generate and maintain security documentation, certify classified networks, and manage compliance with security regulations...Senior- ...Overview Global Information Security (GIS) is responsible for... ...Security strategy and policy, manages the Information Security program... ..., identifies, and addresses vulnerabilities and operates global security... ...and Access Management (IAM) Specialist to lead access provisioning...SeniorWork at officeShift workDay shift
- Terrestris Global Solutions is seeking an IT Security Operations Analyst to support the IT Technology Services contract. This role is... ...Clearance and have at least two years of experience in patch management. Along with competitive pay, Terrestris offers a range of benefits...Remote jobContract work
$131.3k - $237.35k
...role demands active TS/SCI clearance and over 12 years of experience in cybersecurity engineering. The Cyber Engineer will analyze security requirements, design secure solutions, conduct audits, and support documentation throughout the system development life cycle....SeniorFull time- ...is seeking a Senior Penetration Testing, Software Assurance and Vulnerability Assessment Engineer to support DHS CIETS in the DC Metro area. The role requires identifying vulnerabilities, assessing security posture, and providing remediation guidance across classified...Senior
$107.9k - $195.05k
A leading technology firm seeks an experienced Vulnerability Assessor in Arlington, VA. The role involves assessing and managing vulnerabilities, configuring security scans, and collaborating with teams to enhance cybersecurity capabilities. The ideal candidate should have...Senior- Cyber Security Incident and Event Management/Elastic Specialist US CITIZEN ONLY. SECRET CLEARANCE REQUIRED. MUST HAVE IT-II... ...or SOC teams Coordinating with IT or DevOps for containment and... ...include assistance with monitoring Vulnerability Management tools, such as ACAS...
- Security Management Specialist Journeyman Dynamo Technologies LLC has an immediate need for a Journeyman Security Management Specialist to support... ...management, and lifecycle support. Identify security vulnerabilities and implement preventive measures. Oversee and...Work experience placementImmediate start
- ...Diverse Systems Group, LLC is seeking an Information Assurance/Security Specialist to play a pivotal role in safeguarding the integrity,... ...recommendations and solutions to mitigate potential threats and vulnerabilities. Assist in implementing and maintaining security controls...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Sr IT Security/Vulnerability Management Specialist. Be the first to apply!
- information security consultant Bethesda, MD
- cyber security analyst Bethesda, MD
- security advisor Bethesda, MD
- senior security analyst Bethesda, MD
- security coordinator Bethesda, MD
- security specialist Bethesda, MD
- senior information security analyst Bethesda, MD
- network security consultant Bethesda, MD
- security systems specialist Bethesda, MD
- security consultant Bethesda, MD

