Vulnerability Management Lead

Vulnerability Management Lead (Job Number:440970)
Provide on-going support to the ISSO, ISSM, NCC, Server and Desktop Support teams to implement a Cyber Ready 365 posture.
Identify and draft mitigation guidance for vulnerabilities with no-vendor provided remediation.
Analyze publicly disclosed vulnerabilities of vendor software/hardware products and develop the mitigation/remediation orders.
Compile daily, weekly, monthly and annual vulnerability metrics associated with affected and non-compliant DoD Assets.
Utilize tracking tools/capabilities in a vulnerability management system to review manually uploaded and automated information from DoD component to report vulnerability orders and directives for compliance.
Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities.
Develop, document, and convey IAVM operational requirements to enhance capabilities to identify, track, and remediate system and network vulnerabilities as well as automated vulnerability management capability.
Monitor the progress of and collaborate with internal and external organizations to ensure IAVM operational requirements are fulfilled.
Administer vulnerability mitigation and security activities to deliver 95% compliance for all messages, orders, and directives (e.g., IAVM, TCNOs, TASKORDS).
Upon notification from AFDW Cybersecurity Offices, perform vulnerability mitigation activities, as required/mandated by the appropriate CNDSP, CSSP, PENTCIRT, NOS, DoD or 24th AF Component.
Configure, manage, operate and maintain AFDW assigned instances of automated vulnerability management systems (e.g., Microsoft's System Center Configuration Manager (SCCM) and Automated Remediation and Asset Discovery (ARAD).
Build, configure, and deploy vulnerability remediation packages for automated vulnerability management systems (e.g., SCCM, and ARAD), when not available from DoD and Air Force Enterprise service providers.
Coordinate with the corresponding 24 AF organizations (e.g., 83 NOS, 561 NOS, 26 NOS) and administer local level requirements to ensure that End Point Security (EPS) (a.k.a Host Based Security System (HBSS)) products are current and operational in AFDW host systems IAW USCYBERCOM, AFCYBER, and applicable DoD Orders or policies.
Manage vulnerability detection, assessment, and analysis.
Ensure ACAS servers are properly maintained and in compliance.
Manage vulnerability remediation and provide oversite for vulnerability mitigation and security activities.
Conduct vulnerability management for UNIX and/or Windows systems on AFDW owned section of the AFIN.
Coordinate vulnerability management actions and POA&M actions with system owners.
Draft, coordinate, and track POA&Ms with the local Cybersecurity office, AF, and DoD components as required to support vulnerability management efforts.
Must be available for shift (0600 - 1800) 24/7/365, within 2 hours to meet with the COR if needed.
Travel is up to 10%.
Job Duties:
The Vulnerability and Management Lead works directly with the Information System Security Officer (ISSO) and Information System Security Manager (ISSM), NCC, Server and Desktop Support Teams to implement a Cyber Ready 365 posture.
The Vulnerability Management Lead is a key contributor in the Cyberspace focused boards, bureaus, centers, cells, and working groups (B2C2WG) (e.g., cyberspace resiliency working group).
The Vulnerability and Management Lead shall maintain communications and coordination between internal and external service providers in order to maintain situational awareness over the AFDW portion of the AFIN.
A Vulnerability Management Lead shall be on site 0600-1800, Monday through Friday, and available 24/7/365 within 2 hours to meet with the COR on site.
Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.
Candidate must currently possess and be able to maintain a SECRET clearance.
The Vulnerability manager shall possess a Bachelor's Degree in Computer Science, Cyberspace Operations/Security and 9+ years experience, and current IAM Level 3 Certification (e.g., CISM, CISSP (or Associate), GSLC), and a minimum of 7 years of experience in managing IT operations centers.
DoD 8140/8570 IAM III certification required (at least one of CISSP, CISM, GSLC).
SAIC Overview:SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see My SAIC Benefits. EOE AA M/F/Vet/Disability
Job Posting: Oct 12, 2018, 9:06:52 AM
Primary Location: United States-MD-SUITLAND
Clearance Level Must Currently Possess: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: No
Travel: Yes, 10% of the time
Shift: Day Job
Schedule: Full-time

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Vulnerability Management Lead
Suitland, MD SAIC
Vulnerability Management Lead with Security Cl...
Andrews Air Force Base, MD Leidos
Cyber Risk Vulnerability Management Senior Con...
Baltimore, MD Deloitte
IT Service Management Lead
Oxon Hill, MD CACI International
Vulnerability Management Analyst
Fort George G Meade, MD ManTech International Corporation