Role: Vulnerability Management Engineer
Location: Onsite, 3 days per week in Fairfax, VA and 2 days per week in Washington, DC.
Duration: Long Term Contract
Position requires a Secret clearance
Job Description:
The Vulnerability Management Engineer position supports vulnerability identification, analysis, remediation coordination, and compliance reporting for Federal systems. The role requires strong knowledge of federal cybersecurity frameworks, including NIST 800-53, NIST 800-37, RMF, FISMA, FedRAMP, and DoD-specific controls. The Engineer will work with ISSOs, system owners, security architects, and engineering teams to ensure continuous visibility and reduction of security risks across mission-critical environments. This role requires expertise in vulnerability scanning, assessment, automation, remediation tracking, and communicating risk to both technical and non-technical federal stakeholders.
Primary Responsibilities:
- Plan, schedule, and execute vulnerability scans on federal systems using tools such as Tenable Nessus and Qualys.
- Analyze scan results, validate findings, eliminate false positives, and prioritize remediation based on criticality, exploitability, and federal impact levels.
- Support vulnerability discovery across cloud, on-premises, hybrid, and containerized environments.
- Ensure vulnerability management activities align with NIST RMF, NIST 800-53, DoD STIGs, FedRAMP, and agency-specific guidelines.
- Contribute to the creation, maintenance, and tracking of POA&Ms, ensuring compliance with federal deadlines and reporting requirements.
- Collaborate with ISSOs and system owners to support Security Control Assessments (SCAs) and audits.
- Work closely with system administrators, developers, network engineers, and cloud teams to drive timely remediation of vulnerabilities.
- Prepare compliance reports for federal leadership, auditors, ISSOs, and system owners.
- All other duties as assigned by management.
Skills and Qualifications:
- Bachelor's degree in computer science or related field
- 8 years in Cybersecurity and Risk Management Framework
- Experience with vulnerability scanning tools (Nessus or Qualys)
- Experience performing risk assessments for Federal systems in AWS GovCloud
- Experience supporting FedRAMP High/Moderate systems
- Knowledge of Java, Python, HTML, SQL, CSS, and cloud computing
- Excellent communication and management skills.
Certifications Required:
- Certified Information Systems Security Professional (CISSP)
- CompTIA Security+
Security Clearance Requirements:
- Must be a U.S. Citizen
- Must have an active DoD Secret clearance.
Work Location:
- 3 days in Fairfax, VA; 2 days in Washington, D.C.