76 to 100 of 483 Permanent Vulnerability Management Jobs

orchestrated workflow that function both on customer premise, and via remote Cloud services. Network infrastructure engineering services are comprised of core infrastructure, voice and video engineering, field engineering, application management and development for networks, network analytics, firewalls, network access controls and bandwidth service delivery. This is a fast paced, challenging, and career rewarding experience to provide solutions on one … s experience adjusted to accommodate. We are looking for a candidate with specific skills that may include the following: Implementation and validation of security controls that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation Developing architecture documentation and Systems Security Plans (SSP) to support Accreditation and Authorization (A&A) reviews POA&M development and implementation Coordinating … achieve Authority to Operate (ATO). Knowledge of the complex environment involving shared networks and multiple security enclaves Engineering for Cyber engineering and integration services including security, authentication, identity management, authorization, and access control engineering. Self-starter able to work independently and build relationships with technical reps across divisions, comfortable with cyber security and able to brief issues to More ❯

installation of new or modified security hardware, operating systems, and software applications. Ensures the assessment and implementation of identified computer and network environment fixes as part of the Cybersecurity Vulnerability Management program. Guides the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program. Maintaining the appropriate operational security posture for an information system Manage … or related discipline DoD Approved 8570 Baseline Certification: Category IAM Level II (One of the Following) CAP CASP+ CE CISM CISSP (or Associate) GSLC CCISO HCISPP Must know Risk Management Framework (RMF) Active TS/SCI + Polygraph PREFERRED QUALIFICATIONS Experience with DoD Cybersecurity Policies Experience with Xacta Solutions (Xacta 360) Knowledge of Enterprise Mission Assurance Support Service (eMASS … in Columbia, MD. TekSynap is a fast growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. "Technology moving at the speed of thought" embodies these principles - the need to nimbly utilize the best that information technology offers to meet the business needs of our More ❯

Work for an award-winning provider of Security Services, specialising in Cyber Security Services such as Vulnerability Management, Information Security, Penetration Testing, and Managed Security Services. We boast a fully managed Security Operations Centre (SOC) staffed by dedicated professionals. We're seeking a skilled Cyber Security Engineer to join our clients eam. The ideal candidate will have expertise More ❯

in cybersecurity frameworks (e.g., MITRE ATT&CK, NIST, CIS), incident response, and threat intelligence In-depth knowledge of security operations, including SIEM, EDR, IDS/IPS, malware analysis, and vulnerability management Strong background in cloud security operations and monitoring across AWS, Azure, and GCP Preferred Proven success in incident resolution within SLAs and based on severity. Experience in More ❯

impact, and provide root cause analysis and remediation guidance to system teams. Leverage SIEM platforms and threat intelligence feeds to identify patterns, indicators of compromise (IOCs), and trends. Perform vulnerability scans, assist with patch tracking, and maintain POA&M documentation. Collaborate with cyber engineers to implement and refine monitoring, alerting, and defensive toolsets. Analyze system and network activity for … Working knowledge of networking protocols, system logs, and host/network forensics. Familiarity with tools such as Splunk, Kibana, Elastic, Suricata, OSQuery, or similar. Exposure to threat intelligence platforms, vulnerability management, or EDR solutions. Strong written and verbal communication skills with attention to detail. Active Secret clearance is required; TS/SCI preferred. Security+ or equivalent DoD More ❯

configuration, and ongoing buildout of Splunk ES, including onboarding new data sources, tuning correlation rules, and developing new detection use cases. • Collaborate with other teams to support incident response, vulnerability management, and threat hunting activities. • Conduct threat analysis, log analysis, and data enrichment using Splunk and other security tools. • Participate in regular security reviews and audits, providing evidence More ❯

Offensive security and exploitation techniques. Digital Forensics : Host, network, or memory-based investigation. Threat Hunting : Detection engineering and hypothesis-driven threat investigation. Knowledge of modern security tooling (SIEM, EDR, vulnerability management, SOAR). Strong documentation and communication skills; fluent in written and spoken English. Diversity, Inclusion, and Equal Opportunity We hire, promote, and compensate employees based on their More ❯

have now closed. We're seeking an experienced Cyber Defence Manager to safeguard our digital infrastructure View job & apply Location: Frankfurt Salary: 145,000 + Benefits Sector: Banking, Asset Management & Funds We're hiring an experienced IAM Lead to take ownership of identity governance and access controls View job & apply Location: Frankfurt Salary: 145000 + Benefits Job type: Permanent … Sector: Banking, Asset Management & Funds A growing investment firm headquartered in Frankfurt is looking to appoint a senior IT Governance View job & apply Location: Fully Remote Job type: Contract Position Overview: Fast growing FinTech seeking a highly motivated and technically capable DevSecO View job & apply SOC Manager Location: Fully Remote Job type: Contract Position Overview: Rapidly growing FinTech company … seeks an Incident Response Manager to join their CIRT team. This role plays View job & apply Location: Frankfurt Salary: 120,000 + Benefits Job type: Permanent Sector: Banking, Asset Management & Funds A fast-growing investment firm based in Frankfurt is looking for a motivated IT Governance & View job & apply Technical IAM Consultant Location: London when needed Job type: Contract More ❯

industry. We have an exciting opportunity to support the Air Force Enterprise IT as a Service (EITaaS) Wave 1, specifically advancing the solution for bringing the EITaaS IT Service Management offerings to SIPR. We are currently seeking a Nessus Engineer for an onsite position in Chantilly, VA. This position supports our cybersecurity initiatives by conducting vulnerability assessments and … ensuring the overall security of our networks and systems. This position is critical in maintaining and improving the integrity and safety of our infrastructure using the Nessus vulnerability scanning tool. The ideal candidate will have hands-on experience with Nessus or similar vulnerability management tools, a solid understanding of security best practices, and a passion for mitigating … risks in complex IT environments. Minimum of 10+ years' experience in vulnerability management, cybersecurity, or IT security. Hands-on experience with Nessus (or similar tools such as OpenVAS, Qualys) for vulnerability scanning and management. Experience with network protocols (TCP/IP, HTTP, DNS, etc.), operating systems (Windows, Linux, macOS), and security best practices. Installing and Configuring Nessus More ❯

SMX is seeking an Information Security Analyst to support the Navy's Risk Management Framework (RMF) processes. You'll help achieve and maintain Authority to Operate (ATO) for all supported systems, conduct network monitoring, vulnerability management, incident response, security enforcement, and threat analysis, and perform compliance auditing. We're looking for a collaborative Cybersecurity Analyst with a … strong foundation in the following areas: DoD information systems (IS), network administration, systems administration, and cybersecurity IS management Enterprise Mission Assurance Support Service (eMASS) Navy's RMF processes and POA&M tracking and resolution Navy's Security Assessment and Authorization (SAA) policies Knowledge of system functions, security policies, and technical security safeguards Assessing vulnerabilities within DoD Infrastructure and developing … systems for Navy Region Southwest (NRSW). You'll be responsible for maintaining compliance with RMF and other Department of Defense (DoD) cybersecurity standards, as well as managing daily vulnerability assessments and remediation tracking across various DoD IT systems and infrastructure. Direct experience with Navy Electronic Security Systems (NESS) Lenel systems, including security cameras, network switches, routers, and Voice More ❯

a crucial role in leading and managing complex Cyber Security projects, ensuring the successful execution of initiatives that safeguard our clients' organisations against evolving threats. Leveraging your extensive project management expertise and technical knowledge, you will partner with and contribute to the enhancement of the overall Cyber Security posture and resilience of our clients, collaborating with cross-functional teams … and resource allocation approaches. Conduct comprehensive risk assessments and develop mitigation strategies to address potential security threats and project risks. Utilise industry frameworks and standards to ensure robust risk management practices. Oversee and manage projects end-to-end in line with the Association for Project Management guidance. Manage projects such as Security Framework Audits and Implementation, Cyber Strategy … Cyber Risk Management, Data Privacy, Offensive Security, Security Architecture, and Cloud Security & Engineering. Lead the onboarding process for Managed Security Services including Managed Detection & Response, Cyber Threat Intelligence, and Vulnerability Management Services. Collaborate with technical teams to ensure seamless integration of managed services within clients' environments. Build and maintain strong relationships with internal teams and clients, serving More ❯

individual with a passion for defending complex digital environments from sophisticated threats. The successful candidate will be part of a dedicated team responsible for executing and advancing a comprehensive Vulnerability Management Program supporting mission-critical systems in a high-security environment. Essential Duties and Responsibilities (but not limited to): • Conduct proactive cyber monitoring and vulnerability management activities across a diverse enterprise IT environment. • Support the execution of vulnerability scanning, analysis, reporting, and remediation efforts, using tools such as Tenable Security Center (or equivalent platforms). • Collaborate with cross-functional teams to drive vulnerability remediation plans and lead working groups to assess, prioritize, and track mitigation efforts. • Collect, analyze, and validate open-source intelligence … enterprise intrusion detection systems (IDS/IPS), host/network security tools, firewalls, HIPS, WAFs, and event correlation. • Proven experience in cybersecurity operations, including threat analysis, incident response, and vulnerability remediation across multiple OS platforms (Linux, Windows, Mac). • Technical expertise in at least one scripting/programming language: Python, PowerShell, Bash, C++, etc. • Familiarity with cyber threat intelligence More ❯

in Washington D.C. and is contingent upon the award of the contract. Candidates must have an Active TS security clearance with SCI eligibility. Responsibilities: Lead the design, deployment, and management of enterprise server environments, including Windows Server, Linux, VMware vSphere/ESXi, and cloud platforms. Implement and manage Active Directory, Microsoft Exchange, DNS, DHCP, Group Policy, and related services. … Plan, schedule, and perform system patches, firmware upgrades, and security hardening in accordance with DISA STIGs, CIS Benchmarks, and NIST 800-53 controls. Conduct vulnerability assessments using tools such as Tenable.SC; remediate findings and document corrective actions. Administer centralized storage solutions, including SAN/NAS environments and perform backup and recovery operations using enterprise backup tools. Monitor system and … or Security+ Information Technology Infrastructure Library (ITIL) 4 Foundation certification must be completed within 6 months. Exceptional oral and written communication skills, capable of delivering clear, concise technical and management-level reporting across all organizational levels. Excellent interpersonal skills with the ability to work independently, prioritize tasks, and manage multiple initiatives with minimal supervision. Strong analytical and problem-solving More ❯

your personal journey. Your Job Responsibilities: Drawing up security project plans : Develop comprehensive project plans for implementing security measures across IT systems, outlining the scope, objectives, and deliverables. People management for the members of the various (security) teams : Lead and manage security teams, ensuring effective collaboration and performance among team members. Planning the security project in terms of timeline … Ensuring that security solutions comply with standards and best practices : Ensure that all security solutions adhere to industry standards and best practices, including resilience patterns, monitoring, and postmortems. Stakeholder management : Proactively coordinate with various project stakeholders to understand their security needs and ensure their requirements are met throughout the implementation process. Regular coordination with the steering group : Maintain regular … provide updates and receive guidance on security projects. Coordination with suppliers and external partners : Collaborate with suppliers and external partners to ensure the successful implementation of security solutions. Change management : Implement change management processes to ensure smooth transitions and adoption of new security measures. Reporting : Prepare and present regular reports on security project progress, risks, and outcomes to More ❯

the confidentiality, integrity and availability of enterprise information systems by supporting compliance efforts, assessing security controls, managing risk, and maintaining system authorizations under frameworks such as the NIST Risk Management Framework (RMF). This position plays a vital role in securing IT infrastructure and supporting continuous monitoring and audit readiness. Essential Duties & Responsibilities: Serve as the primary security point … the lifecycle. Develop, maintain, and update security documentation including System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&M). Conduct risk assessments, vulnerability scans, and facilitate remediation and migration. Ensure the implementation and assessment of security controls in accordance with NIST SP 800-53 and other applicable standards. Support the preparation, submission … and maintenance of Authorization to Operate (ATO) packages. Monitor system security configurations, audit logs, and patch management for compliance and threat detection. Collaborate with IT staff, system owners, developers, and auditors to ensure security posture aligns with business and regulatory requirements. Assist with incident response efforts and forensics support. Provide input to cybersecurity policy and process development. Support user More ❯

the confidentiality, integrity and availability of enterprise information systems by supporting compliance efforts, assessing security controls, managing risk, and maintaining system authorizations under frameworks such as the NIST Risk Management Framework (RMF). This position plays a vital role in securing IT infrastructure and supporting continuous monitoring and audit readiness. Essential Duties & Responsibilities: Serve as the primary security point … the lifecycle. Develop, maintain, and update security documentation including System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&M). Conduct risk assessments, vulnerability scans, and facilitate remediation and migration. Ensure the implementation and assessment of security controls in accordance with NIST SP 800-53 and other applicable standards. Support the preparation, submission … and maintenance of Authorization to Operate (ATO) packages. Monitor system security configurations, audit logs, and patch management for compliance and threat detection. Collaborate with IT staff, system owners, developers, and auditors to ensure security posture aligns with business and regulatory requirements. Assist with incident response efforts and forensics support. Provide input to cybersecurity policy and process development. Support user More ❯

support the development and delivery of the products (whilst considering cyber resilience) with the ambition to meet the Secure by Design principles. You'll ensure the development, implementation, and management of security protocols, tools, and practices on maturing products meets the appropriate standards and Def Cons. Working closely with the Integrated Product Team (IPT) frameworks with specialists from other … wider Product IA and Security community across Leonardo Electronics UK, influencing corporate policies, processes and guidance. Managing architects such as the generation of Technical Risk Assessments, Security Design and Management Documentation, and Remediation Action Plans. As well as this, you'll oversee the generation and approval of Product Security and Information Assurance Management Plan; Product Design Reviews; generation … of Product Security deliverable information (Product Integrity certificates, product security cases.) What you will be doing as a Lead Security Engineer; Risk Management: Perform risk assessments to identify potential security risks and work product development teams to implement mitigations and preventive measures. Incident Response & Mitigation: Assess and maintain the Incident Response Plan, lead the response to security incidents and More ❯

and solutions for securing applications developed on low (unsecure) networks and deployed on high (secure Government) networks, addressing specific challenges of data transfer, sanitization, and access control between domains. Vulnerability Management: Conduct and oversee vulnerability assessments, penetration testing, and security audits of web applications and supporting systems. Analyze results, prioritize findings, and work with development teams to … ensure timely remediation and mitigation strategies. Risk Management & ATO Support: Identify, assess, and manage security risks, contributing to the program's overall risk posture. Prepare and maintain comprehensive security documentation (e.g., SSPs, SARs, POA&Ms) to support Assessment & Authorization (A&A) processes and achieve/maintain Authority to Operate (ATO). Security Control Implementation: Advise and assist development teams … in the selection, implementation, and verification of appropriate security controls (technical, operational, and management) for web applications and their supporting infrastructure. Policy & Compliance: Interpret and apply relevant government cybersecurity policies, regulations, and guidelines to ensure program compliance. Incident Response Support: Provide security expertise and support during security incidents, contributing to containment, eradication, and recovery efforts. Continuous Monitoring: Support ongoing More ❯

Experience with Active Directory, DNS, DHCP, and domain administration - Knowledge of server virtualization platforms, such as VMware, Hyper-V for managing virtual machines - Ability to handle server backups, storage management (SAN/NAS), and recovery tasks - Deep understanding of Windows and Linux operating systems for configuration - Knowledge of OS patching, upgrades, and security hardening techniques - Experience with at least … storage, networking, security and managed services. - Skills in cloud infrastructure deployment, including virtual networks, VM instances, storage and monitoring - Understanding of cloud security practices (IAM, VPCs, firewalls), and cost management - Familiarity with IaC tools like Terraform, Ansible, or ClourFormation and automating infrastructure provisioning and configuration - Basic scripting skills in languages like PowerShell, Bask, or Python for task automation - Experience … with vulnerability management tools like Nessus, Qualys, or OpenVAS - Knowledge of endpoint security solutions (antivirus, anti-malware) and incident response procedures - Familiarity with Security Information and Event Management (SIEM) tools, like Splunk or QRadar - Ability to interpret metrics from network, server and application performance monitoring tools - Knowledge of log management tools and techniques for monitoring infrastructure More ❯

authorization Advise program managers on AO determination utilizing OVL documentation Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities Utilize expert knowledge and experience regarding risk management strategies in support of a major DoD program Providing support regarding the agile authorization and OVL processes Provide independent risk analysis and recommendation Collaborate between the AO and the … other related degree fields (master's degree is preferred or at least 10 years of related experience) At least 10+ years of cybersecurity experience including a senior technical or management role, project or program management experience At least 1 IAT/IAM or equivalent security certifications ex. CISSP, CCSP, CISM, CISA, or CASP Must have an active TS …/SCI security clearance Preferred Have a strong background in ISSM, risk management, and GRC Strong clients focus and commitment to continuous improvement, ability to proactively network and establish relationships Manage multiple priorities in a high-paced and fast-changing environment Experience supporting and assessing risks within a CI/CD DevSecOps environment Key areas of experience would include More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

cyber and information security strategy ensuing it is aligned with ISO 27001, GDPR and Cyber essentials. Combining strong information security experience with hands-on technical knowledge of SIEM, EDR, vulnerability management and incident response. You will have the ability to translate technical risk into clear business advice. This is a great permanent opportunity to demonstrate your strong experience … and great benefits on offer. Skills/Experience and attributes: A minimum of 4-5 years’ experience working in a similar role Strong understanding of information security principles, risk management and compliance (GDPR, ISO 27001 and Cyber Essentials) Ability to talk technically then non-technically to the business Solid understanding of IT Infrastructure eg; networking, Active Directory and endpoint More ❯

government customer. The Cyber Security Systems Engineer assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. As a Cyber Security Systems Engineer, you will play a crucial role in enhancing our security infrastructure and ensuring a … supporting a key government customer. The ISSE assesses and mitigates system security threats/risks throughout the program life cycle. Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations. As an Information Systems Security Engineer (ISSE), you will play a crucial role in enhancing our security infrastructure and ensuring … in writing the documentation in order to ensure it's easy to understand. Document the various security control implementations as well as gather the artifacts that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation for various Assessment and Authorization (A&A) efforts. Document and obtain a general understanding of the architecture being developed or that was More ❯

resource management. Review Azure Monitor analytics and Azure portal logs to identify and remediate subscription and resource issues. Manage containerized workloads using Docker and Azure Container Registries for image management and deployment. Implement automated monitoring, logging, and alerting systems using Azure Monitor, Log Analytics, and Application Insights. Collaborate with development and engineering teams to ensure seamless integration of applications … administering DevSecOps tools, including GitHub Advanced Security (CodeQL, Dependabot, SBOM), GitHub Workflows, and Visual Studio Code/Enterprise. Experience with security tools such as Trellix, Invicti, and Anchore for vulnerability management and compliance. Strong Windows Server administration skills, including troubleshooting SCCM issues and client-side domain joins. Familiarity with Linux (Ubuntu) administration for server and appliance management. Proficiency … of SQL integration in Azure environments. Familiarity with Infrastructure-as-Code tools (e.g., Terraform, Bicep) and configuration management. Experience with helpdesk support, including ticket ownership, problem resolution, and incident management using Remedy or similar ticketing systems. Knowledge of cloud security principles, including identity management, network security, and compliance frameworks (e.g., NIST 800-53, DoD STIGs). Understanding of More ❯

and third lines delivered by an internal information security team and external auditors respectively. This role covers the first line of defence, of which a large part is outsourced.Currently management of the 3rd party contract provisions related to security, together with various internal control responsibilities are covered by other members of the team for whom this is not a … and improve our information security controls as we seek to improve our infosec maturity using the NIST framework as an externally assessed benchmark.This first line role combines a contract management aspect with the requirement for hands-on process operation for internally managed controls such as access reviews, and some investigations such as subject access requests or insider threats.This role … security policies, standards and controls to internal and external auditors. Understanding and experience of various Information Security domains including Security Architecture, Information Security Governance, Network Security, Data Protection, Risk Management, Identity & Access Management, Vulnerability Management, Anti-Malware, Mobile Device Management and Cloud Security. Experience of working within Financial Services, whilst beneficial, is not essential. Don More ❯