Sr IT Security/Vulnerability Management Specialist
AAC
Sr IT Security/Vulnerability Management Specialist AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer (ISSO) and play a critical part in safeguarding organization’s IT infrastructure. You will be part of a broader IT program that provides end-to-end support—including help desk, systems, network, incident response and security services—ensuring the availability, integrity, and confidentiality of mission‑critical systems. Responsibilities Lead the agency’s vulnerability management lifecycle using Tenable.sc, Tenable.io, Nessus Manager, and Nessus scanners (on‑prem and cloud). Analyze, prioritize, and track remediation of vulnerabilities in coordination with IT operations and system owners. Maintain scan schedules, asset groups, scan policies dashboards, and reports tailored to agency infrastructure and communicate risk posture and remediation progress to relevant infrastructure, application, and cloud teams to remediate vulnerabilities. Define the scanner and security center architecture, refine data flows and synchronizations, tune scanning configurations to minimize false positives and ensure the best coverage. Develop and maintain documentation for system setup, operation, vulnerability management processes, exceptions, and remediation tracking. Support implementation of security projects that require compliance with relevant government policies or standards. Act as SME for vulnerability management tools and processes. Ensure systems and practices comply with FISMA and FedRAMP‑related Security Assessment and Authorization (SA&A) and compliance for the organization’s IT programs. Assist in coordination, implementation, communication, and enforcement of the organization’s IT security policies. Support incident response. The position requires on‑site presence 3 to 5 days per week. The on‑site requirements are subject to change based on the needs and requirements of the organization. Required Experience Requirements: Requires bachelor’s degree in computer science, cyber security, engineering, or a related technical field. Additional experience and relevant certifications may be considered in lieu of a degree. 5-7 years of progressive and related experience in IT security with at least 3 years in vulnerability management. Expert knowledge of IT security vulnerabilities and risk assessments with the ability to explain the risks associated with them to executives, program, and technology staff. Expert knowledge of Tenable.sc (on‑prem) and Tenable.io (cloud). Strong knowledge of vulnerability management lifecycle, patch management, and risk scoring (e.g., CVSS2). Familiarity with cloud platforms (AWS and GCP) and hybrid environments. Understanding of Windows, Linux/Unix, and network devices security hardening. Ability to work with program staff, executives, security application vendors and technology staff to achieve IT security goals and objectives. Experience developing and maintaining Security Assessment and Authorization (SA&A) documentation for large IT systems for the Federal Government. Excellent working experience in applying FISMA, and FedRAMP processes and policies to information systems. Experience with Checkmarx and Checkmarx One (SaaS). Migration experience to Checkmarx One is desirable. Strong communication skills (both technical and non‑technical) and ability to collaborate across IT, security, and business units. Ability to effectively communicate orally and in writing. Experience supporting a nationwide mid‑to large Federal agency enterprise is a plus. CISSP certification required (ability to obtain within 6 months of start). Must obtain an agency public trust suitability determination prior to start date. Desired Qualifications Experience with scripting and automation (e.g., Python, PowerShell) to automate scanning tasks, reporting, and API integrations; administration and operation of security scanning and vulnerability management platforms such as Nessus. Deep expertise with SIEM platforms and integration of vulnerability data into enterprise monitoring. Understanding of the Secure Software Development Life Cycle. Master’s degree or additional security or cloud certifications (e.g., CISM). #J-18808-Ljbffr AAC
$70 - $80 per hour
We are seeking a Senior Security Analyst / Vulnerability Management Lead to join our security compliance team. In this role, you will work closely with the... ...a critical part in safeguarding the organization’s IT infrastructure. You will be part of a broader IT program...SeniorContract workTemporary workWork experience placement- ...Arlington, Virginia. The ideal candidate will be a Subject Matter Expert in Department of Defense infrastructure and will conduct vulnerability assessments on various infrastructure elements, including water and HVAC systems. Qualifications include a Bachelor's degree in...Senior
$100k - $141.3k
...opportunities to learn, grow, and make an impact. Join us! The Role We are seeking a skilled and motivated Cloud Security Vulnerability Management Program Specialist to support the Cloud Security Assurance (CSA) organization by ensuring enterprise cloud workloads are...SuggestedWork at officeShift workDay shift- Aac-Inc is looking for a Senior IT Security/Vulnerability Management Specialist in Bethesda, Maryland. In this key role, you will lead the vulnerability management lifecycle and closely collaborate with teams to ensure compliance with federal standards. You should have...Senior3 days per week
$140.5k - $210k
...and measures to protect the Board’s IT assets and ensure the Board’s... ...defense in depth solution with a central security information and event management (SIEM) system and security... ...remediation. Oversees implementation of vulnerability scans and ensures operational systems...SeniorFull timeWork at office- kozmetickesluzby.vecnakraska.sk - Jobboard is seeking a Cybersecurity Vulnerability Analyst (Incident Manager III) in Arlington, Virginia. This role focuses on... ...across locations. Required skills include network security knowledge and hands-on experience as a SOC Analyst or...Senior
$67.7k - $90.27k
...expansive fiber network and connected ecosystem. We enable secure, high-performance connectivity across cloud, edge, and AI workloads... ...Security Advisory Services is hiring a Cloud Security & Vulnerability Management consultant to join a team that delivers customer-facing...Temporary workRemote workLumen Inc
Washington DC3 days ago$70 - $80 per hour
TEKsystems is seeking a Senior Security Analyst / Vulnerability Management Lead in Bethesda, MD. In this hybrid role, you will oversee the vulnerability management... ...remediation of risks while collaborating with IT and security teams. The ideal candidate will possess a...SeniorHourly pay- A leading cybersecurity consultancy is seeking a Cybersecurity Vulnerability Analyst based in Arlington, VA. The role requires an active Top Secret Security Clearance and 5+ years of experience, focusing on vulnerability analysis for federal clients. Candidates must exhibit...Senior
- GEICO is seeking a Senior Staff Software Engineer in Bethesda, MD to lead cybersecurity initiatives focused on vulnerability management. The role requires a proven track record in full-stack development, DevSecOps, and architecture in high-performance systems. The ideal...Senior
$140.5k
...and/or participates in designing and implementing security measures to meet the needs of the organization’s IT systems. Develops an expert understanding of... ...Oversees and/or participates in implementing risk management and continuous monitoring activities for technology...SeniorWork at officeRelocation- ...Principal Vulnerability Researcher Zetier is seeking Principal Vulnerability Researchers to analyze and counter malicious software and... ...(gdb, Binja, IDA Pro) Ability to obtain and maintain a U.S. security clearance Desired Experience developing/defeating mitigations...
Zetier
Arlington, VA1 day ago - Fusion Technology is seeking an Information Systems Security Officer (ISSO) in Washington, DC. The ideal candidate will have a Bachelor... ...include implementing security practices, conducting vulnerability scans, and serving as a liaison for IS security. Fusion Technology...Senior
- ...advanced protection and secrecy solutions to secure and strengthen critical missions,... ...activities. We are seeking a Personnel Security Specialist Sr. to join our team to help contribute to... ...requirement found in JADE SOP Manage program quota roster Maintain tracking numbers...Senior
- ...Senior Cloud Security Specialist 100% ONSITE in Washington DC Per Federal... ...DESCRIPTION: The IT Security Engineering team is... ...related to Identity and Access Management (IAM), security engineering... ...zero trust, DevSecOps and vulnerability management. Technical...SeniorContract workLocal area
$88.4k - $154.7k
...Physical Security Specialist (PhySS) In a world of possibilities, pursue one with endless... ...with stakeholders to address security vulnerabilities and implement corrective actions.... ...Provide training on SCIF protocols and manage documentation for accreditation and compliance...Flexible hoursNavstar
Bethesda, MD3 days ago$135k - $182.1k
...Overview Global Information Security (GIS) is responsible for protecting... ...strategy and policy, manages the Information Security program... ..., identifies and addresses vulnerabilities and operates global security... ...and Access Management (IAM) Specialist to lead access provisioning...SeniorWork at officeShift workDay shift- The Downtown Boulder Partnership is seeking a Sr. SCCM Systems Security Engineer to join their team in Washington, D.C. This role involves managing server patches, emphasizing security posture during deployments, and ensuring compliance with FISMA and RMF standards. Strong...Senior
- ...Job Description Personnel Security Specialist Senior SiloSmashers is seeking... ...defined system of record, management, workflow, or tracking... ...discern potential security vulnerabilities and to identify viable investigative... ...various Federal LE and IC IT systems for conducting...SeniorContract workWork at officeLocal area
SiloSmashers
Washington DC7 days ago - KeenLogic is looking for an IT Security Operations Analyst to support Federal Prison Industries (UNICOR) within the U.S. Department... ...the security and compliance of enterprise systems through vulnerability management, security operations support, and patch management. This...Remote jobFull time
- Terrestris Global Solutions is seeking an IT Security Operations Analyst to support the IT Technology Services contract. This role is... ...Clearance and have at least two years of experience in patch management. Along with competitive pay, Terrestris offers a range of benefits...Remote jobContract work
- About the Company Our client has deep expertise in Vulnerability Research, CNO Development, Reverse Engineering, and Penetration Testing. They support the defense and intelligence communities along with commercial clients. Founded by engineers, they have their own fixed...Contract work
- Booz Allen Hamilton is seeking a Vulnerability Assessment Analyst in Alexandria, Virginia. You will... ...recommend remediation actions to ensure system security. The ideal candidate has extensive experience in vulnerability management and holds relevant information security...Senior
$107.9k - $195.05k
A leading technology firm seeks an experienced Vulnerability Assessor in Arlington, VA. The role involves assessing and managing vulnerabilities, configuring security scans, and collaborating with teams to enhance cybersecurity capabilities. The ideal candidate should have...Senior- Cyber Security Incident and Event Management/Elastic Specialist US CITIZEN ONLY. SECRET CLEARANCE REQUIRED. MUST HAVE IT-II... ...or SOC teams Coordinating with IT or DevOps for containment and... ...include assistance with monitoring Vulnerability Management tools, such as ACAS...
- Security Specialist I - III Lexical Intelligence provides software and services related... ...security and compliance, vulnerability assessment and risk management, and cloud and application security... ...within a team of multidisciplinary IT professionals including DevOps engineers...Contract workTemporary workFor contractorsFor subcontractorWork at officeLocal area
$108.32k - $124.57k
...in cybersecurity controls, risk management, and compliance helps organizations securely deliver impactful services?... ...seeking 2 highly skilled Security Specialists to support our client’s mission... ...day‑to‑day security monitoring (vulnerability scanning, log review, and event...Full timeWork at officeRemote workFlexible hours- ASRC Federal Holding Company is looking for a Vulnerability Assessor in Alexandria, VA. This role involves conducting vulnerability assessments and enhancing the organization’s cybersecurity posture. The ideal candidate will have a Bachelor’s degree in a related field and...Senior
- Booz Allen Hamilton is seeking a Vulnerability Assessment Analyst to support the Army by identifying and reporting security vulnerabilities. This role involves performing vulnerability... ...5 years of experience in vulnerability management, possess TS/SCI clearance, and have...SeniorRemote job
- ...Bethesda, Maryland seeks an experienced Information Systems Security Engineer (ISSE) SME. You will design and implement secure information... ...collaboration with multidisciplinary teams, conducting vulnerability assessments, and ensuring compliance with cybersecurity...SeniorFor contractors
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Sr IT Security/Vulnerability Management Specialist. Be the first to apply!
- cyber security analyst Bethesda, MD
- information security consultant Bethesda, MD
- senior information security analyst Bethesda, MD
- security specialist Bethesda, MD
- security advisor Bethesda, MD
- security consultant Bethesda, MD
- security coordinator Bethesda, MD
- network security consultant Bethesda, MD
- senior data management analyst Bethesda, MD
- senior app developer Bethesda, MD