All candidates must meet the following criteria: Must be a US Citizen, no dual Citizenships. Must be able to secure a Public trust clearance. Must be able to work across multiple programs across the Federal and DOD space. The core values that ECS looks for in an engagement manager include: Teamwork, Respect, Accountability, Integrity, and Leadership.
Vulnerability Management Lead
Location
United States
Posted
4 days ago
Salary
$115K - $135K / year
Seniority
Lead
Job Description
Vulnerability Management Lead
ECS Tech Inc
Role Description Everforth ECS is seeking a Remote Vulnerability Management Lead who lives in close proximity to the National Capital Region (NCR) to join a premier, enterprise-scale cybersecurity program supporting a major federal civilian agency. Please Note: This position is contingent upon contract award. Salary Range: $115,000 - $135,000. This flagship initiative unifies 24x7x365 Security Operations (SOC), proactive threat hunting, and advanced Security Engineering and Architecture into a cohesive defensive mission. As a key leader on this program, you will drive the protection of highly sensitive, national-level financial and personally identifiable information (PII). You will be at the forefront of modernizing the agency's cyber posture, implementing advanced automation, and ensuring continuous operational resilience across a massive, highly complex federal IT enterprise. As the Vulnerability Management Lead, you will serve as the principal technical authority for enterprise vulnerability identification, prioritization, and remediation across a large-scale federal civilian environment. Working closely with Information System Security Officers (ISSOs), Information System Owners (ISOs), compliance teams, and engineering personnel, you will drive a proactive, risk-based approach to vulnerability management, delivering measurable reductions in the agency's attack surface while ensuring continuous alignment with federal compliance requirements. - Oversee enterprise vulnerability scanning operations, remediation tracking, and stakeholder communication with POA&M support across the program. - Coordinate with ISOs, ISSOs, compliance, and engineering teams to identify, prioritize, and close security gaps in a timely and risk-informed manner. - Lead ATO, POA&M and continuous monitoring activities. - Develop and maintain dashboards and metrics to provide real-time visibility into vulnerability management posture, trends, and remediation progress. - Produce compliance reports and vulnerability governance data to support continuous monitoring, audit readiness, and cybersecurity decision-making. - Manage integration of vulnerability management tools including Tenable, AquaSec, and the Continuous Diagnostics and Mitigation (CDM) program into enterprise workflows. - Apply risk-based prioritization methodologies to ensure the most critical vulnerabilities are addressed in alignment with agency risk tolerance and compliance requirements. - Support the review and maintenance of Plans of Action & Milestones (POA&Ms), ensuring timely and accurate tracking of identified vulnerabilities and remediation activities. - Collaborate with SOC, threat hunting, and security engineering teams to correlate vulnerability data with active threat intelligence and hunting findings. - Present vulnerability management findings, risk recommendations, and program metrics to both technical teams and senior government officials in a clear, actionable format. - Develop and refine vulnerability management policies, procedures, and standard operating procedures to ensure alignment with federal regulations and agency requirements. - Support continuous monitoring activities and provide input into the overall security posture of the agency's federal IT enterprise. Qualifications - US Citizenship required. - 6+ years of cybersecurity experience, with demonstrated expertise in vulnerability management, operating systems, and networking. - Remote but within close proximity to the NCR. - Active Public Trust 6c clearance, or the ability to obtain and maintain one. - At least one of the following certifications: GCIH, CISSP, CISM, or CRISC. - Hands-on experience with Tenable, AquaSec, and CDM integration in a federal or enterprise environment. - Strong understanding of federal compliance frameworks including NIST RMF, NIST SP 800-53, FISMA, and FedRAMP requirements. - Experience developing and maintaining POA&Ms and supporting remediation tracking within federal information system environments. - Demonstrated ability to coordinate cross-functional teams, including ISOs, ISSOs, compliance, and engineering stakeholders, to drive vulnerability remediation efforts. - Proven ability to translate complex technical vulnerability findings into clear, actionable language for both technical and executive audiences. - Strong written and verbal communication skills, with a track record of producing high-quality federal security documentation.
Related Guides
Related Job Pages
More Full-stack Engineer Jobs
Product Engineer
Premium Guard Inc. (PGI)PGI delivers quality, reliability, and value customers expect. We pride ourselves on offering first-to-market coverage.
• Design and develop automotive, heavy duty/commercial vehicle and industrial filtration products, including liquid and air filter products • Utilize Product Data Management system for change approval, document revision, and document release • Coordinate development activities such as designing, testing, and production trials • Support internal objectives and initiatives of the Company business plan for new product, cost reduction, and manufacturing efforts • Assist with development of filtration product strategies • Represent Company to original equipment and aftermarket customers • Performs other duties as assigned.
Senior Desarrollador Fullstack
TINET S.A.¡Movilizamos la transformación, excelencia y cultura digital 🚀 !
• Diseñar, desarrollar y mantener sistemas fullstack robustos, escalables y eficientes. • Guiar decisiones de arquitectura, seleccionar tecnologías y establecer buenas prácticas de desarrollo. • Desarrollar e integrar APIs, optimizar consultas y modelado de datos. • Implementar pruebas unitarias y de integración, y asegurar la calidad mediante code reviews. • Colaborar con product managers, diseñadores y otros equipos para entregar soluciones centradas en el usuario. • Automatizar pipelines de CI/CD y participar en despliegues y monitoreo en producción. • Mentorar a desarrolladores junior/semisenior y fomentar la mejora continua del equipo.
• Architect and lead the development of modular, high-performance UIs using Angular • Design and implement robust, secure business services and APIs using C# .NET • Lead development within a cloud native environment with containerized applications using Docker • Drive DevOps maturity and automation • Champion automated testing strategies to ensure high quality deliverables • Ensure compliance with secure coding practices tailored to our highly regulated environment • Participate as a key member of an agile POD • Produce Technical design documents and commented code that adheres to company coding and documentation standards • Drive innovative practices including emerging trends in AI assisted coding and agentic coding
Junior Software Engineer
Ellit GroupsPutting patients at the heart of healthcare digital transformation enabled by information technology.
• Memiliki tugas yang terukur dari awal hingga akhir • Bekerja dengan tim untuk membangun dan mengirimkan kode yang berfungsi • Mengajukan pertanyaan tentang alasan pembangunan sesuatu • Mengomunikasikan status pekerjaan dengan jelas




