Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Sr IT Security/Vulnerability Management Specialist

AAC

Sr IT Security/Vulnerability Management Specialist AAC is seeking Senior Security Analyst focusing on Vulnerability Management to join our security compliance team. In this role, you will work closely with the Information Systems Security Officer (ISSO) and play a critical part in safeguarding organization’s IT infrastructure. You will be part of a broader IT program that provides end-to-end support—including help desk, systems, network, incident response and security services—ensuring the availability, integrity, and confidentiality of mission‑critical systems. Responsibilities Lead the agency’s vulnerability management lifecycle using Tenable.sc, Tenable.io, Nessus Manager, and Nessus scanners (on‑prem and cloud). Analyze, prioritize, and track remediation of vulnerabilities in coordination with IT operations and system owners. Maintain scan schedules, asset groups, scan policies dashboards, and reports tailored to agency infrastructure and communicate risk posture and remediation progress to relevant infrastructure, application, and cloud teams to remediate vulnerabilities. Define the scanner and security center architecture, refine data flows and synchronizations, tune scanning configurations to minimize false positives and ensure the best coverage. Develop and maintain documentation for system setup, operation, vulnerability management processes, exceptions, and remediation tracking. Support implementation of security projects that require compliance with relevant government policies or standards. Act as SME for vulnerability management tools and processes. Ensure systems and practices comply with FISMA and FedRAMP‑related Security Assessment and Authorization (SA&A) and compliance for the organization’s IT programs. Assist in coordination, implementation, communication, and enforcement of the organization’s IT security policies. Support incident response. The position requires on‑site presence 3 to 5 days per week. The on‑site requirements are subject to change based on the needs and requirements of the organization. Required Experience Requirements: Requires bachelor’s degree in computer science, cyber security, engineering, or a related technical field. Additional experience and relevant certifications may be considered in lieu of a degree. 5-7 years of progressive and related experience in IT security with at least 3 years in vulnerability management. Expert knowledge of IT security vulnerabilities and risk assessments with the ability to explain the risks associated with them to executives, program, and technology staff. Expert knowledge of Tenable.sc (on‑prem) and Tenable.io (cloud). Strong knowledge of vulnerability management lifecycle, patch management, and risk scoring (e.g., CVSS2). Familiarity with cloud platforms (AWS and GCP) and hybrid environments. Understanding of Windows, Linux/Unix, and network devices security hardening. Ability to work with program staff, executives, security application vendors and technology staff to achieve IT security goals and objectives. Experience developing and maintaining Security Assessment and Authorization (SA&A) documentation for large IT systems for the Federal Government. Excellent working experience in applying FISMA, and FedRAMP processes and policies to information systems. Experience with Checkmarx and Checkmarx One (SaaS). Migration experience to Checkmarx One is desirable. Strong communication skills (both technical and non‑technical) and ability to collaborate across IT, security, and business units. Ability to effectively communicate orally and in writing. Experience supporting a nationwide mid‑to large Federal agency enterprise is a plus. CISSP certification required (ability to obtain within 6 months of start). Must obtain an agency public trust suitability determination prior to start date. Desired Qualifications Experience with scripting and automation (e.g., Python, PowerShell) to automate scanning tasks, reporting, and API integrations; administration and operation of security scanning and vulnerability management platforms such as Nessus. Deep expertise with SIEM platforms and integration of vulnerability data into enterprise monitoring. Understanding of the Secure Software Development Life Cycle. Master’s degree or additional security or cloud certifications (e.g., CISM). #J-18808-Ljbffr AAC

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Sr IT Security/Vulnerability Management Specialist in Bethesda, MD vacancy
  •  ...Performed AnaVation is seeking a Sr. Security Specialist (ISSO) for our mission...  ..., and experienced in managing the security of a system's...  ...Authority to Operate (ATO) for IT systems Creating and maintaining...  ...Ms Reviewing and analyzing vulnerability scan data and providing... 
    Senior
    Temporary work
    Work at office
    Immediate start

    AnaVation LLC

    Washington DC
    2 days ago
  • $140.5k - $210.5k

    Sr. Cybersecurity Analyst II (Sr Vulnerability Analyst) - Information Technology Primary Location: DC‑Washington...  ...to protect the Board’s IT assets. Utilizes firewalls,...  ...protection, data analysis platforms, security information and event management (SIEM) systems, and security... 
    Senior
    Work at office
    Relocation

    Federal Reserve System

    Washington DC
    3 days ago
  •  ...Technology LLC seeks an experienced IT Systems Security Operations Analyst to support federal...  ...DC. This full-time position involves managing enterprise cybersecurity operations and...  ...experience in patch management and vulnerability management, as well as familiarity with... 
    Suggested
    Full time
    Remote work

    Dynamic Solutions Technology LLC

    Washington DC
    10 hours ago
  • Aac-Inc is looking for a Senior IT Security/Vulnerability Management Specialist in Bethesda, Maryland. In this key role, you will lead the vulnerability management lifecycle and closely collaborate with teams to ensure compliance with federal standards. You should have... 
    Senior
    3 days per week

    AAC

    Bethesda, MD
    2 days ago
  • kozmetickesluzby.vecnakraska.sk - Jobboard is seeking a Cybersecurity Vulnerability Analyst (Incident Manager III) in Arlington, Virginia. This role focuses on...  ...across locations. Required skills include network security knowledge and hands-on experience as a SOC Analyst or... 
    Senior

    kozmetickesluzby.vecnakraska.sk - Jobboard

    Arlington, VA
    2 days ago
  •  ...cybersecurity professional to design and deploy security controls to protect vital systems and...  ...experience with a strong grasp of vulnerability management and risk assessment. The ideal candidate will collaborate with IT teams, conduct security reviews, and develop... 
    Senior

    Gravity Engineering Services Pvt Ltd.

    Arlington, VA
    2 days ago
  • $140.5k - $210k

     ...and measures to protect the Board’s IT assets and ensure the Board’s...  ...defense in depth solution with a central security information and event management (SIEM) system and security...  ...remediation. Oversees implementation of vulnerability scans and ensures operational systems... 
    Senior
    Full time
    Work at office

    Federal Reserve Board

    Washington DC
    3 days ago
  •  ...cybersecurity services company is seeking a full-time Endpoint Vulnerability Management SME to join their team in Bethesda, MD. The ideal candidate...  ...a related field and 5-10 years of experience in endpoint security. This role offers benefits such as health insurance and a 4... 
    Senior
    Full time

    Maveris

    Bethesda, MD
    10 hours ago
  • VTG Defense is seeking an Information Systems Security Engineer (ISSE) to design, implement, and maintain security controls across...  ...with ISSOs, system administrators, and developers to remediate vulnerabilities, perform risk analyses, and ensure robust security... 
    Senior

    VTG Defense

    Mc Lean, VA
    2 days ago
  • A leading cybersecurity consultancy is seeking a Cybersecurity Vulnerability Analyst based in Arlington, VA. The role requires an active Top Secret Security Clearance and 5+ years of experience, focusing on vulnerability analysis for federal clients. Candidates must exhibit... 
    Senior

    Node.Digital

    Arlington, VA
    4 days ago
  •  ...Washington D.C., is looking for cybersecurity specialists ready to tackle critical cybersecurity...  ...Top Secret clearance, 5-7 years of IT security experience, and a strong background in...  ...security policies, and analyzing vulnerability assessments. Join a team of exceptional... 
    Senior

    Qmulos

    Washington DC
    10 hours ago
  •  ...is recruiting cybersecurity specialists who want to challenge...  ...clients to help solve national security problems. Job Description...  ...Compliance, Information Assurance Vulnerability Management Compliance, Inspection...  ...) 5-7 years experience in IT security, including Certification... 
    Senior

    Qmulos

    Washington DC
    10 hours ago
  • Diverse Systems Group, LLC seeks an Information Assurance/Security Specialist to safeguard the confidentiality, integrity, and availability of Walter Reed National Military Medical Center information systems. You will implement security controls, conduct risk assessments... 
    Senior

    Vinstuen Femmeren jazzværtshus

    Bethesda, MD
    2 days ago
  •  ...and services integrator in Washington is seeking a Risk and Vulnerability Analyst II to support its vulnerability assessment and risk analysis...  ...scan issues, and improving enterprise visibility into security weaknesses. Candidates should have 3-5 years of security-related... 
    Contract work
    Weekend work
    Afternoon shift

    SOSi

    Washington DC
    2 days ago
  •  ...Senior Cloud Security Specialist 100% ONSITE in Washington DC Per Federal...  ...DESCRIPTION: The IT Security Engineering team is...  ...related to Identity and Access Management (IAM), security engineering...  ...zero trust, DevSecOps and vulnerability management. Technical... 
    Senior
    Contract work
    Local area

    System One

    Washington DC
    6 days ago
  • Fusion Technology is seeking an Information Systems Security Officer (ISSO) in Washington, DC. The ideal candidate will have a Bachelor...  ...include implementing security practices, conducting vulnerability scans, and serving as a liaison for IS security. Fusion Technology... 
    Senior

    Fusion Technology

    Washington DC
    4 days ago
  • $80k - $130k

    Overview VTG is seeking a Sr. Information System Security Specialist to support the Navy located at the Washington...  ...a working knowledge of the Risk Management Framework (RMF) process and/or include...  ...processes. Plan and coordinate the IT security program and policies... 
    Senior
    Contract work
    Work experience placement

    VT Group (VTG)

    Washington DC
    2 days ago
  •  ...Principal Vulnerability Researcher Zetier is seeking Principal Vulnerability Researchers to analyze and counter malicious software and...  ...gdb, Binja, IDA Pro) Ability to obtain and maintain a U.S. security clearance Desired: Experience developing/defeating... 

    Zetier

    Arlington, VA
    3 days ago
  • $88.4k - $154.7k

     ...Physical Security Specialist (PhySS) In a world of possibilities, pursue one with endless...  ...with stakeholders to address security vulnerabilities and implement corrective actions....  ...Provide training on SCIF protocols and manage documentation for accreditation and compliance... 
    Flexible hours

    Navstar

    Bethesda, MD
    1 day ago
  •  ...Senior Cloud Security Specialist 100% ONSITE in Washington DC Per Federal...  ...DESCRIPTION: The IT Security Engineering team is...  ...related to Identity and Access Management (IAM), security engineering...  ...zero trust, DevSecOps and vulnerability management. Technical... 
    Senior
    Contract work
    Local area

    System One

    Washington DC
    more than 2 months ago
  • A leading security services provider is seeking a Senior Security Test & Evaluation Analyst to implement extensive security testing and assess vulnerabilities. The role requires deep expertise in ethical hacking, network security, and the ability to conduct thorough security... 
    Senior

    Ampcus Inc

    Washington DC
    2 days ago
  • $104.73k - $160k

    Mission Technologies, a division of HII, is seeking an Information System Security Manager (ISSM) based in Alexandria, VA. The ideal candidate will generate and maintain security documentation, certify classified networks, and manage compliance with security regulations... 
    Senior

    Mission Technologies, a division of HII

    Alexandria, VA
    2 days ago
  •  ...Overview Global Information Security (GIS) is responsible for...  ...Security strategy and policy, manages the Information Security program...  ..., identifies, and addresses vulnerabilities and operates global security...  ...and Access Management (IAM) Specialist to lead access provisioning... 
    Senior
    Work at office
    Shift work
    Day shift

    Bank of America

    Washington DC
    2 days ago
  • Terrestris Global Solutions is seeking an IT Security Operations Analyst to support the IT Technology Services contract. This role is...  ...Clearance and have at least two years of experience in patch management. Along with competitive pay, Terrestris offers a range of benefits... 
    Remote job
    Contract work

    Terrestris Global Solutions

    Washington DC
    4 days ago
  • $131.3k - $237.35k

     ...role demands active TS/SCI clearance and over 12 years of experience in cybersecurity engineering. The Cyber Engineer will analyze security requirements, design secure solutions, conduct audits, and support documentation throughout the system development life cycle.... 
    Senior
    Full time

    Leidos

    Arlington, VA
    2 days ago
  •  ...is seeking a Senior Penetration Testing, Software Assurance and Vulnerability Assessment Engineer to support DHS CIETS in the DC Metro area. The role requires identifying vulnerabilities, assessing security posture, and providing remediation guidance across classified... 
    Senior

    LinTech Global, a Dexian company

    Washington DC
    2 days ago
  • $107.9k - $195.05k

    A leading technology firm seeks an experienced Vulnerability Assessor in Arlington, VA. The role involves assessing and managing vulnerabilities, configuring security scans, and collaborating with teams to enhance cybersecurity capabilities. The ideal candidate should have... 
    Senior

    Leidos

    Arlington, VA
    4 days ago
  • Cyber Security Incident and Event Management/Elastic Specialist US CITIZEN ONLY. SECRET CLEARANCE REQUIRED. MUST HAVE IT-II...  ...or SOC teams Coordinating with IT or DevOps for containment and...  ...include assistance with monitoring Vulnerability Management tools, such as ACAS... 

    Diligent Consulting Inc

    Washington DC
    10 hours ago
  • Security Management Specialist Journeyman Dynamo Technologies LLC has an immediate need for a Journeyman Security Management Specialist to support...  ...management, and lifecycle support. Identify security vulnerabilities and implement preventive measures. Oversee and... 
    Work experience placement
    Immediate start

    Dynamo Technologies, LLC

    Washington DC
    2 days ago
  •  ...Diverse Systems Group, LLC is seeking an Information Assurance/Security Specialist to play a pivotal role in safeguarding the integrity,...  ...recommendations and solutions to mitigate potential threats and vulnerabilities. Assist in implementing and maintaining security controls... 

    Vinstuen Femmeren jazzværtshus

    Bethesda, MD
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Sr IT Security/Vulnerability Management Specialist. Be the first to apply!