Lead Cybersecurity Engineer - Vulnerability & Configuration Management

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that those outcomes begin and end with our people, and that is what we have built a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top-tier services to our customers. Our culture and commitment have been recognized through numerous accolades, including being named one of the Best Places to Work in 2023 in two categories ("Prosperous and Thriving" ($5MM-$50MM in gross revenue) and "Mid-Atlantic Region" (DC, DE, MD, NC, VA, WV)), and again in 2025 as a Best Places to Work honoree. In addition, True Zero earned coveted spots on the Inc. 5000 list of fastest-growing companies in America in 2022, 2023, and 2025 , a testament to our sustained growth driven by our people-first approach and unwavering dedication to excellence.

This candidate will lead risk-based asset management efforts across vulnerability management, configuration management, and database hardening in support of a federal cybersecurity program. Additionally, this role will coordinate technical activities, guide prioritization based on business and security risk, and provide leadership visibility into remediation progress, operational gaps, and program performance. This position calls for a blend of hands-on technical depth and team leadership, with responsibility for driving process improvement, supporting automation, and helping mature enterprise security practices.

Job Responsibilities

• • Oversee RBAM projects, schedules, milestones, and team execution
  • Facilitate meetings and brief leadership on status, risks, priorities, and progress
  • Lead and coordinate vulnerability management activities across enterprise systems, including vulnerability identification, prioritization, remediation tracking, and validation
  • Oversee remediation efforts by working with system owners, engineers, administrators, database teams, and other stakeholders to ensure timely and risk-informed mitigation
  • Apply knowledge of CVE, CVSS, NVD, and the CISA KEV catalog to support risk-based vulnerability prioritization and remediation sequencing
  • Establish, manage, and enforce configuration baselines across Windows, Linux, network, cloud, containerized, and database environments
  • Incorporate security configuration baselines into configuration management processes, including operating system image hardening, automation, audit, and compliance validation
  • Support configuration management practices aligned with NIST SP 800-128 and other applicable federal guidance
  • Coordinate database hardening activities across relational, NoSQL, and cloud-native database environments
  • Apply DISA STIGs, CIS Benchmarks, and hardening best practices to support secure database configuration and compliance
  • Assess on-premises and cloud-hosted database environments for security posture, hardening compliance, logging, encryption, data masking, and audit readiness.
  • Use scanning and validation tools to verify database hardening compliance and identify configuration gaps
  • Translate audit requirements into actionable technical configurations, remediation tasks, dashboards, reports, and evidence artifacts
  • Develop, modify, and maintain dashboards and reports in Splunk or similar SIEM platforms to support leadership visibility, operational tracking, and program performance.
  • Use enterprise ticketing systems such as ServiceNow to document findings, assign remediation actions, track progress, and support auditability
  • Support automation through scripting, Splunk searches, and repeatable workflows using tools such as Python, PowerShell, Bash, or similar technologies
  • Support DevSecOps and CI/CD pipeline activities by helping integrate vulnerability management, configuration validation, and hardening requirements into development and deployment processes.
  • Coordinate with technical teams to ensure remediation, configuration, and database security activities are properly documented and supported by evidence
  • Provide technical guidance to stakeholders on remediation priorities, configuration risk, database hardening, and cyber hygiene improvement.
  • Support recurring reporting on vulnerability trends, remediation progress, configuration compliance, database hardening status, operational gaps, and risk reduction.
  • Help mature the risk-based asset management program by improving processes, automation, reporting, evidence generation, and stakeholder coordination
  • Direct and support enterprise vulnerability scanning, analysis, remediation prioritization, and reporting
  • Guide the development and enforcement of secure configuration baselines across systems and platforms
  • Coordinate database hardening, patching, scanning, and compliance activities with stakeholders
  • Review cyber hygiene findings and translate results into actionable remediation plans
  • Support evaluation of new technologies and products through security review and software approval processes
  • Develop or enhance dashboards, reporting, and metrics to improve visibility into risk and remediation progress
  • Support process improvement, automation, and operational maturity efforts across the RBAM function
  • Ensure work products, reporting, and technical activities align with DHS, client, and federal cybersecurity expectations
  • Lead and coordinate vulnerability management, configuration management, and database hardening activities

Job Qualifications

• Bachelor's degree in Information Technology, Information Systems, Computer Science, Computer Engineering, Electrical Engineering, or related technical field; or equivalent additional experience
• 7+ years of total professional experience
• 5+ years of technical experience in vulnerability management, configuration management, database hardening, or related security operations
• Experience leading technical teams or workstreams in dynamic environments
• Strong experience managing vulnerability remediation efforts across enterprise environments
• Experience using vulnerability scanning tools such as Tenable/Nessus
• Strong experience establishing, maintaining, and enforcing configuration baselines
• Familiarity with remediation practices across Windows, Linux, network devices, containers, and cloud platforms
• Strong knowledge of CVE, CVSS, NVD, and the CISA KEV catalog
• Strong knowledge of configuration management principles and secure baseline enforcement
• Familiarity with DISA STIGs, CIS Benchmarks, and secure hardening practices
• Experience with enterprise dashboards, reporting, and ticketing workflows
• Experience with scripting and automation using tools such as Python, PowerShell, Bash, or similar
• Experience with a wide range of database technologies including:
• Relational databases: Oracle, PostgreSQL, MySQL, MS SQL
• NoSQL Databases: MongoDB
• Cloud-native databases: AmazonRDS, Azure SQL, DynamoDB
• Familiarity with DevSecOps and CI/CD pipeline concepts
• Ability to assess and secure on-premises and cloud-hosted database environments
• Experience with audit logging, encryption, masking, and technical evidence generation for compliance needs
• Strong written and verbal communication skills

Required Certifications

• One active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or comparable
• One active Agile certification such as PMI-ACP, SAFe Agilist, CSM, or comparable

We're actively searching for talented and expereinced professionals who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy:

- Competitive salary, paid twice per month

- Best in class medical coverage

- 100% of medical premiums covered by True Zero

- Company wide new business incentive programs

- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)

- 3 weeks of PTO starting + 11 Paid Holidays Annually

- 401k Program with 100% company match on the first 4%

- Monthly reimbursement of Cell Phone and Home Internet costs

- Paternity/Maternity Leave

- Investment in training and certifications to broaden and deepen your technical skills

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.