Enterprise Vulnerability Management Lead SME
$174k - $189kECS
Job Description Everforth ECS is seeking an Enterprise Vulnerability Management Lead SME to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax. Salary Range: $174,000 - $189,000. Please Note: This position is contingent upon contract award. The War Data Platform (WDP) is a key initiative within the U.S. Department of War’s AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts. The Enterprise Vulnerability Management Lead SME serves as the principal authority for vulnerability lifecycle management across WDP’s classified and unclassified enterprise environments, directing end-to-end remediation coordination, POA&M governance, and risk acceptance activities that sustain continuous authorization posture across NIPRNet, SIPRNet, and JWICS. Leads coordinated vulnerability management operations supporting Department of War mission systems across unclassified and classified networks. Directs enterprise vulnerability lifecycle activities including scan result validation, risk triage, remediation coordination, and continuous tracking of findings affecting operating systems, applications, databases, and network devices. Analyzes vulnerability data generated by ACAS, endpoint security platforms, and cloud security tooling to distinguish true risk conditions from false positives and environmental artifacts. Develops prioritized remediation strategies aligned to mission impact, threat severity, and authorization timelines while coordinating corrective actions with system owners, platform engineers, and cybersecurity teams. Maintains authoritative vulnerability records and remediation status within POA&M repositories, continuous monitoring dashboards, and authorization artifacts supporting Risk Management Framework execution. Supports deviation requests and risk acceptance actions through defensible technical analysis and documented mitigation strategies. Produces vulnerability trend reports, remediation performance metrics, and executive summaries for cybersecurity leadership and Authorizing Officials using ServiceNow, SharePoint, and reporting platforms. Guides junior analysts through standardized workflows for scan validation, POA&M updates, and stakeholder coordination while maintaining consistency and data integrity. Enables sustained authorization posture, reduced exposure windows, and improved cyber hygiene across enterprise environments while reinforcing program values of accountability, operational readiness, transparency, and disciplined risk management. Performs other duties as assigned. Required Skills Current Secret security clearance. 12+ years of experience in enterprise vulnerability management, cybersecurity operations, or a closely related discipline, with demonstrated senior subject matter expert-level ownership of vulnerability lifecycle operations across complex federal, DoW, or enterprise classified network and cloud environments. IAM Level I certification from an approved credential, including CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC. Demonstrated hands‑on expertise directing enterprise‑scale vulnerability management programs using ACAS or Nessus, with applied experience managing POA&M portfolios, producing Authorizing Official‑level risk reporting, and leading remediation coordination across diverse system owner communities in support of continuous authorization under NIST 800‑53 and DoW RMF requirements. Proven experience supporting DoW or federal Risk Management Framework processes, including preparation and maintenance of Body‑of‑Evidence packages, deviation and risk acceptance documentation, and continuous monitoring artifacts in Government‑approved systems such as eMASS or Xacta. Strong problem‑solving and decision‑making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution. Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end‑users to executive management). Desired Skills Advanced cybersecurity certification such as Certified Information Systems Security Professional (CISSP), GIAC Continuous Monitoring Certification (GMON), GIAC Enterprise Vulnerability Assessor (GEVA), or Certified Information Security Manager (CISM), demonstrating senior‑level mastery of enterprise cybersecurity governance, risk management, and vulnerability operations applicable to DoW mission environments. Experience leading vulnerability management operations within DoW or federal classified multi‑enclave environments, including applied familiarity with IL5, IL6, and JWICS vulnerability scanning constraints, cross‑domain remediation coordination requirements, and enclave‑specific deviation and risk acceptance workflows. Working knowledge of Zero Trust Architecture implementation and validation, including experience assessing vulnerability exposure within micro‑segmented, identity‑based access control environments aligned to the DoW Zero Trust Reference Architecture and related continuous monitoring obligations. Experience integrating vulnerability management operations within DevSecOps software delivery pipelines, including familiarity with automated STIG compliance validation, container image scanning, supply chain risk management, and pipeline‑embedded vulnerability gating in support of continuous authorization for cloud‑native government platforms. Demonstrated experience mentoring and leading junior vulnerability analysts, including developing standardized operating procedures, scan validation workflows, and POA&M data integrity protocols that strengthen team performance and sustain enterprise‑wide cyber hygiene and authorization readiness. ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law. #J-18808-Ljbffr ECS
- ...seeking a Business Process Technology Subject Matter Expert (SME) / Reporting Team Lead in Arlington, VA. This role involves leading the Reporting... ...while providing technical and functional expertise in enterprise reporting and data visualization. The candidate must have...SuggestedFull time
- ...ECS is seeking a T&E Gate Lead/Evaluation Science Lead SME to work in the National... ...evaluation capabilities within enterprise deployment pipelines to... ...pipelines for security vulnerabilities, integration bottlenecks,... ...gate policies and manage remediation workflows across...SuggestedContract workLocal area
- Product Manager SME - Endpoint Security Solutions Lead Everforth ECS is seeking a Product Manager SME to work in the National Capital Region covering the... ...senior subject matter expert responsible for leading enterprise endpoint protection, detection, and response operations...SuggestedContract workLocal area
- Everforth ECS is seeking a Product Manager SME to work in the National Capital Region covering the Pentagon... .... Responsibilities The Cloud Security Lead SME is a senior subject matter expert responsible for the enterprise cloud security posture of the WDP across NIPRNet...SuggestedContract workLocal area
- ...ECS is seeking a Monitoring & Telemetry Lead SME to work in the National Capital Region... ...WDP classification enclaves, ensuring enterprise-wide operational visibility, mission assurance... ...(from peers to end‑users to executive management). Desired Skills Active Top Secret (...SuggestedContract workLocal areaImmediate start
- Seneca Resources is seeking a Vulnerability Management Consultant to support enterprise cybersecurity initiatives in McLean, VA. The role involves assessing and mitigating security vulnerabilities, utilizing Tenable One, and providing stakeholder engagement. Candidates...
- ...Process Technology Subject Matter Expert (SME) / Reporting Team Lead Nationwide IT Services (NIS) is... ...and functional leadership for enterprise reporting, data visualization, and business... ...strong technical expertise in data management and data visualization platforms,...
- ...Lead Architect The Lead Architect serves as the senior technical leader and thought leader for the Enterprise Architecture Support Services (EASS) contract. Working closely with the... ...supporting the Architecture & Data Management Branch, this role is responsible for...Full timeContract workPart timeFor contractorsRemote work
- ...Lead Enterprise Architect 8-11 Years Experience Essential Functions Cloud Migration Support: Drive RFP development and procurement... ...for cloud migration services. Define financial ops/cost management process to SOP level and pilot. Architecture Development:...
- EPAM Systems, a leading global digital platform provider, seeks a Senior Manager of AI Alliances to shape frontier AI partnerships with vendors like Anthropic and... ...our ecosystem to position EPAM as the preferred enterprise AI implementation partner. You will translate...
- ...experienced individual for a pivotal Information Security role in McLean, Virginia. You will act as a central point of contact for the Enterprise Data organization and provide crucial security consulting across the organization. The position requires at least 4 years of...
- A leading technology firm in Arlington, VA is seeking a Modernization SME and ART Lead to manage enterprise platform transformations, especially with PeopleSoft. The ideal candidate will possess deep experience in modernization strategies, leading transformative projects...Remote jobFull timeFlexible hours
- ...Fraud Analytics Subject Matter Expert (SME) to provide deep domain expertise supporting... ...with large financial or tax datasets in enterprise analytical environments. Familiarity... ..., mathematics, statistics, engineering, management information systems, decision science, or...Full timeWork at officeLocal areaRemote work
- CACI International Inc in Arlington, Virginia is seeking an AI Governance SME to craft and lead innovative AI strategies for the Army Intelligence Enterprise. You will manage high-impact AI projects and spearhead research initiatives that integrate cutting-edge technology...
- A reputable cybersecurity firm in McLean, Virginia is seeking a candidate to lead vulnerability management and secure configuration operations. This role requires a minimum of three years in cybersecurity, a bachelor's degree, and hands-on experience with Invicti. The position...
- ...ECS is seeking a Supply Chain Risk Management Lead to work in the National Capital... ...Responsibilities The SCRM Lead SME serves as the senior enterprise authority for software and vendor... ...technologies — through automated vulnerability detection and scanning, component...Contract workLocal area
- Mayvin, Inc. is seeking a Subject Matter Expert (SME) to lead acquisition and program execution activities supporting USSOCOM’s Tactical Information & Analytics portfolio. This role entails managing the lifecycle of TIA acquisition programs and ensuring the successful delivery...
- Capital One is seeking a Senior Risk Manager for its Enterprise Risk Management team in McLean, VA. The role involves managing risk-related projects, ensuring strategic objectives are met, and enhancing governance frameworks. The ideal candidate has extensive experience...
- ...contractor based in Virginia is seeking a Senior Relativity SME to provide advanced support, manage software releases, and conduct training. Ideal... .... The role involves working closely with attorneys and leading projects to enhance Relativity usage. This full-time position...Full timeFor contractors
$120.8k - $137.9k
Capital One National Association is seeking a Principal Project Manager to lead Enterprise projects within the Bank Operations Command Center PMO. You will mentor junior project managers and ensure successful project delivery in a hybrid work setting. With a focus on strategic...- Capital One is seeking a Risk Manager in Enterprise Payments Risk Management to identify, assess and challenge payments risk across initiatives such as stablecoin integrations. The role partners with first- and second-line teams to strengthen controls around ACH, wires,...
- ...Solutions, Inc. is seeking a DFAS EFD Functional Lead in Fairfax, VA. This role requires expertise in federal financial management utilizing the Momentum application. The lead... ..., engage directly with clients, provide SME support, and mentor other team members. A hybrid...
$112.8k - $257k
Phase2 Technology is seeking a Lead Enterprise Architect to design enterprise architecture frameworks enabling strategic transformations. Candidates should have over 8 years of experience in software delivery, cloud computing, and security compliance. A TS/SCI clearance...Remote job$150.16k
Job Description CDM Smith is seeking a Lead Enterprise Architect to join our Corporate Business Technology team. In this role, you will be... ...utilize ServiceNow APM and Enterprise Architecture modules to manage application portfolios, lead rationalization efforts, and...H1b- JCS Solutions LLC is seeking a Senior Storage Engineer in Fort Belvoir, VA to lead enterprise storage operations for the Department of War. You will architect and maintain available storage platforms while ensuring operational compliance and performance optimization. The...
$112.8k - $257k
The Opportunity:Designs enterprise architecture (EA) to enable strategic or tactical transformations... ...DevSecOps, and AI/ML. Applies leading-edge principles, theories, and concepts.... ...government cyber compliance, including Risk Management Framework (RMF), Security Requirements...Full timeContract workPart timeWork at officeLocal areaRemote work$150.16k - $262.79k
CDM Smith is looking for a Lead Enterprise Architect in Fairfax, Virginia. You will design and govern the enterprise application architecture aligning with strategic IT direction, leading to scalable and secure solutions across the organization. The role requires expertise...- ...Security & Access Control Management, Container Services,... .... You will play a leading role in delivering product... ...and be security SME reviewing architecture... ...attack vectors, model vulnerabilities, prompt injection, data... ...experience with Splunk-Fu and Enterprise Monitoring experience...H1bLocal areaShift work
$120.8k - $137.9k
Principal Project Manager, Enterprise Learning Risk Management Lead Capital One’s Enterprise Learning & Development (L&D) team is seeking a Principal Associate... ...who anticipates emerging needs and operational vulnerabilities, raising issues and proposing solutions proactively...Full timePart timeWork at officeLocal area- ...at least 3 years of Cybersecurity experience, strong knowledge of Risk Management Framework (RMF), and requisite certifications such as Security+. Responsibilities include conducting vulnerability tests and managing the security of Information Systems. OTS values diversity...Contract work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Enterprise Vulnerability Management Lead SME. Be the first to apply!
- pest management Fairfax, VA
- pain management Fairfax, VA
- order management specialist Fairfax, VA
- entry level management training Fairfax, VA
- sales management training program Fairfax, VA
- director vendor management Fairfax, VA
- director of managed care Fairfax, VA
- asset management intern Fairfax, VA
- management trainee program Fairfax, VA
- emergency management Fairfax, VA

