251 to 275 of 479 Permanent Vulnerability Management Jobs

a Department of Defense (DoD) Secret security clearance. Desired Skills & Qualifications: Python/Java programming languages Understanding of DevOps principles: Knowledge of CI/CD pipelines, GitOps, automation, configuration management, and infrastructure as code Familiar with Scaled Agile methodology and its best practice Security knowledge: Familiarity with security best practices, risk, compliance & vulnerability management, encryption & PKI, incident … Architect strongly preferred) and its services (including fundamental AWS networking), knowing Azure is a plus Containerization: Knowledge of Docker and Kubernetes Strong understanding of API Design, testing, development and management Collaboration and communication: Ability to communicate and work effectively with development team members, operations, and security teams Problem-solving and analytical skills: Ability to identify issues and develop effective … to accelerate workload Desired Tools: CI/CD tools: Gitlab, Nexus Managed Artifacts, AWS: AWS EKS, EC2, Lambda, S3, EBS/EFS, VPC, DNS, IAM, KMS, CloudWatch, CloudTrail Configuration management: Ansible, Terragrunt, ArgoCD Build/Development: VS Code, Maven Event streaming platform (nice to have): Kafka messaging Container orchestration: Kubernetes, Docker, Security, Monitoring and logging: ACAS/Grype vulns More ❯

understand and be able to implement DoD RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse … audiences. Will follow established processes where applicable, and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, risk analysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the Government in the enforcement of the design and implementation of trusted … inner workings of various software and system level applications. DoD 8570 compliance with IAT Level II (SSCP, Security+, CCNA-Security, or GSEC certification) Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. The ability to work independently and as part of a team is needed. Willingness More ❯

focused, and motivated candidate who can adapt to a constantly changing environment. What you will do - Manage and maintain a complex server-based enclave. Performing and mitigating system scans, vulnerability management activities, and active directory configuration. - Plan and implement IT enhancements needed for system optimization. - Identify and remediate hardware and/or software issues. - Create and update clear … concise, and accurate incident resolution documentation. - Support overlapping projects and maintain good inter-departmental relations. - Communicate and publish statuses of system outages, as needed. - Manage information assurance vulnerability alerts (IAVAs) and system security scanning of equipment suites in accordance with System Security Plans. - Actively identify and initiate IAVA responses and system security scans for remediation, deploy IAVA patches and … Experience documenting and providing information for security accreditation and certification. - Experience using Splunk tools in infrastructure planning, data collection and comprehension, development, integration, configuring data inputs and forwarders, data management, and/or monitoring. - Experience with Network Security Technologies such as Multiple Domain, PKI, SSP, and/or Vulnerability Assessment. - Experience with High Assurance Internet Protocol Encryptor (HAIPE More ❯

readiness. Visit for more details. Responsibilities Program Description: The program provides Systems Engineering and Technical Assistance (SETA) core and non-core support in the areas of Cyber Security and Management to improve the Information Assurance (IA) posture of a National customer. The contracts Core Capabilities are: IA Management, Federal Information Security Management Act (FISMA) coordination and reporting … Risk Management Framework (RMF) application, IA compliance measurements and metrics, Assessment and Authorization (A&A), Vulnerability Management, and Cyber Defense support. Position Description: The Cross Domain Systems Engineer will support the design, integration, accreditation, and sustainment of Cross Domain Solutions (CDS) used to securely transfer information between networks of differing classification levels within Department of Defense (DoD … maintain a TS/SCI with Poly Able to support customer's core hours (; Mon - Fri) A Cyber Certification (DoD 8570/8140) 5+ years of Systems Engineering (configuration management, requirements management/writing, architecture, interfaces) experience, preferably in DoD or IC environments Experience leading projects or diverse teams in a DoD or government contracting environment Understanding of More ❯

an exciting and fast-growing company in the cybersecurity market. What you'll be doing: Conduct automated and manual tests on information systems using industry-standard tools such as vulnerability scans, source code reviews, and web application testing. Develop test plans, execute tests, and prepare detailed after-action reports. Document testing processes in accordance with agency regulations and Standard … Operating Procedures (SOPs). Contribute to Authorization & Accreditation (A&A), Plan of Action & Milestones (POA&M), vulnerability management, and continuous monitoring efforts. Use signature-based scanners, data collection tools, and hardware analysis tools to assess potential threat events. Perform Security Information and Event Management (SIEM) reviews to ensure proper detection and notification of threats. Support vulnerability More ❯

Perform IT audit assessments to include review of IT controls, testing, validation, and evaluations of risk level. Lead FFMIA and FISCAM related activities such as evaluating Access, Security, Configuration Management, Segregation of Duties, Contingency, and Business Application controls. Assist in the development of process improvement and procedures. Analyze software systems and document requirements per FIAR methodology. Recommend remediation and … fix actions to close out audit findings. Monitor, track and obtain accurate and complete PBC request from internal and external auditors. Understand Federal Cyber Security processes and Risk Management Framework (RMF) Use of FISCAM control techniques and audit procedures Provide consultation on audit risk and compliance best practices and principles to network protocols, architectures, equipment, services, standards, and technology. … expertise in a format that can be understood and is accepted by all personnel. Assist with ongoing implementation of SAF/FM initiatives to include Identity, Credential, and Access Management (ICAM), Configuration Management Database/Enterprise Integration (CMDB/EI), System Information and Event Management (SIEM) and System Security. Requirements: Knowledge and experience with OSD FIAR audit More ❯

moments. The ideal candidate has hand-on experience with advanced threat detection, incident response, and collaborative security assessments to protect critical government customer systems and infrastructure. Key Responsibilities: Perform vulnerability assessments, incident response, and threat hunting operations Support Purple Team initiatives by integrating offensive (Red Team) and defensive (Blue Team) strategies Able to execute strategic security plans aligned with … Teams to enhance overall security posture Work closely with Senir Analysts across technical domains to ensure comprehensive assessments and planning Tools and Techniques Use approved tools and techniques for vulnerability assessments and threat detection Stay connected with on-going evaluation of new tools and technologies to enhance team capabilities Required Qualifications: Bachelor's or Master's degree in Cybersecurity … Computer Science, Information Technology, or related field 3-5 years of experience in Cybersecurity operations Proven experience in incident response, threat hunting, and vulnerability management Understanding of threat intelligence, risk assessment methodologies, and adversary tactics (MITRE ATT&CK, etc.) Knowledge of SIEMs, EDRs, forensic tools, and scripting languages (e.g., Python, PowerShell) Excellent communication and collaboration skills Preferred Qualifications More ❯

Thoroughly understand and be able to implement RMF system accreditation processes. Assess use case and operational risk of integrated open source, and GOTS/COTS software components. Will use vulnerability management systems, automated security scanning tools, and system accreditation record systems. Must be able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse … audiences. Will follow established processes where applicable and establish and execute defensible processes where none are prescribed. Provide security planning, assessment, risk analysis, and risk management support. Recommend system-level solutions to resolve security requirements and guide the development team in meeting the security posture requirements. Support the enforcement of the design and implementation of trusted relationships among external … protocols and services, computer architectures, and network topologies is required. 8570 compliance with IAT Level II (SSCP, Security+, CCNA-Security, or GSEC certification) Experience with DISA STIGs and SRGs, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. The ability to work independently and as part of a team is needed. Flexibility More ❯

moments. The ideal candidate has hand-on experience with advanced threat detection, incident response, and collaborative security assessments to protect critical government customer systems and infrastructure. Key Responsibilities: Perform vulnerability assessments, incident response, and threat hunting operations Support Purple Team initiatives by integrating offensive (Red Team) and defensive (Blue Team) strategies Able to execute strategic security plans aligned with … Teams to enhance overall security posture Work closely with Senir Analysts across technical domains to ensure comprehensive assessments and planning Tools and Techniques Use approved tools and techniques for vulnerability assessments and threat detection Stay connected with on-going evaluation of new tools and technologies to enhance team capabilities Required Qualifications: Bachelor's or Master's degree in Cybersecurity … Computer Science, Information Technology, or related field 3-5 years of experience in Cybersecurity operations Proven experience in incident response, threat hunting, and vulnerability management Understanding of threat intelligence, risk assessment methodologies, and adversary tactics (MITRE ATT&CK, etc.) Knowledge of SIEMs, EDRs, forensic tools, and scripting languages (e.g., Python, PowerShell) Excellent communication and collaboration skills Preferred Qualifications More ❯

will have the experience to determine strategies and lead efforts to advance cyber defense capability. Key Responsibilities: A member of Leadership and Strategic Planning group Lead and coordinate advanced vulnerability assessments, incident response, and threat hunting operations Support Purple Team initiatives by integrating offensive (Red Team) and defensive (Blue Team) strategies Help develop and execute strategic security plans aligned … security posture Work closely with SMEs across technical domains to ensure comprehensive assessments and planning Tools and Techniques: Help teams in the use of approved tools and techniques for vulnerability assessments and threat detection Assist with the evaluation of new tools and technologies to enhance team capabilities Required Qualifications: Bachelor's or Master's degree in Cybersecurity, Computer Science … Technology, or related field 5-8 years of experience in Cybersecurity operations, including Blue Team, Red Team, or Purple Team roles Proven leadership in incident response, threat hunting, and vulnerability management Strong understanding of threat intelligence, risk assessment methodologies, and adversary tactics (MITRE ATT&CK, etc.) Experience with SIEMs, EDRs, forensic tools, and scripting languages (e.g., Python, PowerShell More ❯

years' experience supporting DoD or Federal Cyber/IT initiatives. Current and active SECRET clearance Five (5) years IA (Information Assurance) experience Three (3) years of experience with DOD Vulnerability Management System Bachelor's degree preferred DoD 8570.01-M Certification: DFARS Information Assurance Contractor DISA FSO certified CCRI Team Lead and certification in penetration testing, such as: o … Penetration Tester (LPT) o Certified Expert Penetration Tester (CEPT) o Certified Ethical Hacker (CEH) o Global Information Assurance Certification Penetration Tester (GPEN) Additional Qualifications: • Proven proficiency performing CCRI/vulnerability assessment/penetration testing on networks, databases, computer applications and IT frameworks. • Strong analytical and problem-solving skills for resolving security issues. • Strong skills implementing and configuring networks and … of DOD security regulations, DISA STIGs. • Strong knowledge of SCAP • Strong knowledge of RMF • Excellent knowledge of and proficiency with: o VULNERATOR o USCYBERCOM CTO Compliance Program o Wireless vulnerability assessment o Web Services (IIS, Apache, Proxy) o Database (SQL Server, Oracle) o Email Services (Exchange) o Vulnerability Scans (NESSUS, SCCM) o Knowledge of Phishing exercises o USB More ❯

prioritise tasks as part of the IT team Previous 1st and 2nd Line support experience Problem solver with the ability to generate new ideas and bring them to the management team Essential Skills/Knowledge Good understanding of IT & network security best practices Able to identify and escalate potential security threats in line with department procedures Working knowledge of … patch and vulnerability management Excellent support experience with Windows 10 and above Windows Server (2016 and above) administration and maintenance Active Directory and group policy experience Experience supporting IT hardware including Servers, Desktops, Laptops, etc. Knowledge of network communication protocols such as TCP/IP, DNS & DHCP Experience working with WAN, LAN, and wireless environments Strong technical and … V & Failover Cluster environments Endpoint protection tools, firewalls, antivirus/SIEM/EDR solutions Knowledge of SAN technologies SQL Server & T-SQL understanding Linux server administration Experience with resort management tools Knowledge of Google Workspace environment Day-to-day duties Lead a team of on-site support technicians, serve as an escalation point for technical support, and work closely More ❯

Ace Hardware corporate IT environment. What you'll do Build, test, support and improve the IT security infrastructure by: Reviewing security events for threats and risks Identifying and remediating vulnerability risks within the IT infrastructure Performing compliance analysis to maintain a secure architecture Providing hands on support, update and implementation activities for infrastructure components as necessary Interacting with business … security architecture and technologies typically implemented that protect networks from threats and vulnerabilities Skills & Competency Requirements 1 to 2 years of Microsoft Sentinel experience, including deployment, configuration and component management (Log Analytics workspace, Data Connectors, Analytics rules, Playbooks, etc.) Proficiency in Kusto Query Language (KQL) for creating custom queries and detection rules Fundamental engineering technical skills with Microsoft Active … Directory and authentication technologies Familiarization with engineering and administration concepts relating to access management, Network firewall administration, vulnerability management and end point security technologies Fundamental understanding of network infrastructure concepts, technologies, protocols, and solutions Experience in implementing and supporting engineering projects from inception to implementation Ability to identify, develop and document processes and procedures Demonstrated personal skills More ❯

to fostering a culture of security awareness and operational excellence, directly impacting the company's ability to achieve its ambitious goals. Spearhead the development of Duffel's Information Security Management System (ISMS) and guide the organisation through SOC 2 certifications. Implement and continuously improve security policies and technical controls, ensuring alignment with industry best practices and operational excellence. Monitor … de-identification, and data lifecycle management. Develop and execute internal audit programs, and effectively respond to external audits and due diligence requests. Leverage your technical knowledge to define risk management plans, secure vendor solutions and meet third party requirements. Actively contribute to Duffel's security awareness program, fostering a strong security culture throughout the organisation. Manage Vendor Security Assessment … operations and drive continuous improvement of these processes. Support the implementation and enhancement of Incident Management and Vulnerability Management policies. Partner with our Legal team to ensure security practices align with legal and regulatory requirements, particularly concerning data privacy and protection. What we're looking for in you: Strong software and cybersecurity technical background, including experiences with More ❯

related degree and 8+ years of applicable experience. Additional experience may be considered in lieu of a degree. Demonstrated experience supporting of Plan of Action and Milestones (POAMs) and vulnerability management Experience with network infrastructure design, routed data protocols, and hardware platforms. Experience with technologies such as DHCP, DNS, SSH, TCP, and UDP. Demonstrated experience with security device … and installation/management. Knowledge of WAN and LAN, routing, switching, and firewalls. Knowledge in Operating Systems such as Windows, Cisco IOS, and RHEL. Demonstrated experience applying efficient task management and ability to adjust to changing requirements Demonstrated experience working as part of a team Demonstrated customer service and interpersonal skills Original Posting: June 26, 2025 For U.S. Positions More ❯

in collaboration with developers, DevSecOps engineers, ensuring that security is seamlessly integrated into our CI/CD pipelines and all layers of infrastructure. Additionally, you will supervise security tool management and ensure cyber resiliency for consumer applications. A deep understanding of Google Cloud Security, Application Security, API security, and customer security systems is crucial. Key Responsibilities: Design and Implement … engaged and actively adopting industry-standard security designs Enforce Security Best Practices: Build and enforce security best practices across Google Cloud Platform (GCP) environments, ensuring robust identity and access management (IAM), network security, and encryption, in compliance with industry standards. Integrate Application Security: Drive the integration of application security practices, including secure coding and vulnerability management, throughout … tools and processes to secure application development. Deep understanding of application security, including secure coding practices, OWASP Top 10, and API security standards. Knowledge of Customer Identity and Access Management (CIAM) solutions and API security frameworks. Knowledge of one or more programming languages with the ability to review and implement secure code. Strong understanding of security automation, orchestration, and More ❯

scripts (e.g. Sysmon & Auditd) 5 years of experience with the following threat hunting tools: Microsoft Sentinel for threat hunting within Microsoft Azure; Tenable Nessus and SYN/ACK for vulnerability management; NetScout for analyzing network traffic flow; SPUR.us enrichment of addresses Mandiant Threat intel feeds Must be able to work 80% (Monday thru Thursday) onsite at AOUSC office … cloud-based applications such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (i.e., Zscaler). Review and analyze risk-based Security information and event management (SIEM) alerts when developing hunt hypotheses. Review open-source intelligence about threat actors when developing hunt hypotheses. Plan, conduct, and document iterative, hypothesis based, tactics, techniques, and procedures (TTP … hunts utilizing the agile scrum project management methodology. At the conclusion of each hunt, propose, discuss, and document custom searches for automated detection of threat actor activity based on the hunt hypothesis. Configure, deploy, and troubleshoot Endpoint Detection and Response agents (e.g., CrowdStrike and Sysmon). Collect and analyze data from compromised systems using EDR agents and custom scripts More ❯

STEM" Majors (Science, Technology, Engineering and Math) CISSP, CISM or related SANs or Industry certifications Desired Expertise: - Relevant Cyber or IT related experience in client and server environments. Infrastructure management and support - Understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.) - Understanding of APT, Cyber Crime and other associated tactics - Understanding of host forensics … and network analysis techniques and tools - Understanding of malware and reverse engineering - Understanding of vulnerabilities. Vulnerability management, remediation and implementation techniques. - Understanding of responding to threats in cloud platforms (AWS, Azure, Google, etc.) - Excellent verbal and written communication skills - Excellent organizational and analytical skills - Detail oriented with the ability to multi-task and prioritize efforts - Ability to express More ❯

Familiarity with security frameworks such as NIST, IEC62443, NIS Regulations, CAF, or SoGP. Understanding of threat intelligence, attack surfaces, and cyber kill chains relevant to OT. Proven experience in vulnerability management and incident response in OT contexts. Ability to manage stakeholder relationships and communicate technical risks effectively. A proactive approach to problem-solving and strong attention to detail. More ❯

mission and pursuing our goals with us, then check out the job description below! What you'll do: Monitor security alerts and events using SIEM (Security Information and Event Management) tools. Collaborate with leadership to develop and refine comprehensive cybersecurity strategies aligned with industry best practices and regulatory requirements. Serve as a technical authority, offering in-depth expertise in … areas such as threat detection, incident response, vulnerability management, and risk assessment. Assess, design, and implement advanced security architecture solutions that address the organization's evolving technology landscape. Identify, assess, and prioritize cybersecurity risks, working closely with cross-functional teams to mitigate potential threats effectively. Lead and coordinate incident response activities, guiding the team through timely and effective … Experience with automation tools and scripting languages to streamline security operations, threat detection, and incident response. Experience managing security events, and cyber threat response. Familiarity with ITIL frameworks, incident management, and service desk operations. SALARY RANGE: $129,000 - $189,000 The salary range for this position is determined based on qualifications, skills, and relevant experience. The final salary offered More ❯

do: 2nd or 3rd Shift: (2:00 PM - 10:30 PM OR 11:00 PM - 6:30 AM) Monitor security alerts and events using SIEM (Security Information and Event Management) tools. Collaborate with leadership to develop and refine comprehensive cybersecurity strategies aligned with industry best practices and regulatory requirements. Serve as a technical authority, offering in-depth expertise in … areas such as threat detection, incident response, vulnerability management, and risk assessment. Assess, design, and implement advanced security architecture solutions that address the organization's evolving technology landscape. Identify, assess, and prioritize cybersecurity risks, working closely with cross-functional teams to mitigate potential threats effectively. Lead and coordinate incident response activities, guiding the team through timely and effective … Experience with automation tools and scripting languages to streamline security operations, threat detection, and incident response. Experience managing security events, and cyber threat response. Familiarity with ITIL frameworks, incident management, and service desk operations. SALARY RANGE: $129,000 - $162,000 The salary range for this position is determined based on qualifications, skills, and relevant experience. The final salary offered More ❯

multiple enclaves with varying classification levels Create, review, and maintain security authorization documentation in alignment with DoD and federal cybersecurity policies Implement and guide the team through the Risk Management Framework (RMF) accreditation lifecycle; prior DIACAP experience is acceptable Perform in-depth assessments of open-source, GOTS, and COTS software for security risks and integration viability Utilize and interpret … results from vulnerability management platforms and automated security scanning tools Recommend and validate system-level mitigations to meet required security postures and accreditation criteria Collaborate with development and infrastructure teams to ensure secure design and implementation practices across cloud-based big data systems Support government efforts in securing trust boundaries and interconnection agreements with external systems Contribute to More ❯

vulnerabilities, assess their impact, and prioritize responses accordingly. Incident Response: Developing and implementing incident response plans for handling cyber incidents in OT environments, including containment, eradication, and recovery procedures. Vulnerability Management: Identifying and assessing vulnerabilities in OT systems and coordinate with relevant teams to remediate them. Security Assessment: Conducting security assessments and facilitate penetration testing of OT systems … level of attention to detail, be self-motivated and have the ability to think outside the box when working on complex problems. This role requires strong communication and stakeholder management skills, with the ability to influence beyond your sphere of control. The successful candidate must be willing and able to obtain SC Clearance. Rewards and benefits As you help More ❯

vulnerabilities, assess their impact, and prioritize responses accordingly. Incident Response: Developing and implementing incident response plans for handling cyber incidents in OT environments, including containment, eradication, and recovery procedures. Vulnerability Management: Identifying and assessing vulnerabilities in OT systems and coordinate with relevant teams to remediate them. Security Assessment: Conducting security assessments and facilitate penetration testing of OT systems … level of attention to detail, be self-motivated and have the ability to think outside the box when working on complex problems. This role requires strong communication and stakeholder management skills, with the ability to influence beyond your sphere of control. The successful candidate must be willing and able to obtain SC Clearance. Rewards and benefits As you help More ❯

deployments. Provide technical support with risk assessments on PHI, and steering improvements to our environment in line with common standards such as NIST. Support External Penetration Testing and application vulnerability efforts, delivering assessments and prioritizing remediation activities across the organization. Be across Threat Intelligence relevant to our industry and geographic regions, and translating that to real world defenses for … Suite, Kali, Metasploit and such Scripting including the use of python, Powershell, bash or Javascript Securing networks, hosts, web applications and cloud native deployments Working with toolsets such as: vulnerability management, firewalls, SIEM, PAM, IDS/IPS, EDR/XDR, WAF Working with code security controls such as SAST/DAST/IAST/RASP You should also More ❯