Position type: Full-time
Location: Hybrid; 4-5 days onsite a month in D.C.
Requirements:
- The candidate shall possess the knowledge and skills set forth in the Specialized Cybersecurity and Privacy Support Services BOA, Section H.3.f. for Labor Category 7, Senior Vulnerability Management, with the following set of specific knowledge and experience:
- Experience with security technologies, including vulnerability scanners and SIEM solutions.
- Specific systems include Tenable, Nessus, Invicti, Splunk, and other vulnerability management solutions (e.g., enterprise patch management).
- Experience managing vulnerabilities in both on-premises systems and cloud environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud, and data centers).
- Familiarity with relevant industry standards and regulations. This should include specific requirements of federal government institutions and general best practices for a quality VM program.
- Experience identifying and developing mitigation strategies. This includes designing mitigations that specifically address vulnerabilities, working with system owners to patch systems, and identifying adequate solutions to remediate vulnerabilities where patching is not possible.
- Experience analyzing data and identifying vulnerabilities. This extends beyond running a scan and identifying vulnerabilities found by the system. This includes analyzing systems, network configurations, web applications, and architectural diagrams, as well as identifying top vulnerabilities such as those listed in the OWASP “Top Ten” and understanding how those vulnerabilities work at the programmatic level.
- Experience with workflows, forms, and other enabling technologies that may be needed to operationalize the VM program. Software needs might include ServiceNow, SharePoint, Adobe Forms, automated email messaging, PowerApps, Tableau for visualization, and Splunk.
NOTE: Along with a resume, the candidate must submit at least 2 writing samples that show experience with managing vulnerabilities, remediating findings, and/or managing patches.