Director Emulation Engineer Jobs in Virginia (NOW HIRING)

Type of Requisition:

Regular

Clearance Level Must Currently Possess:

Top Secret/SCI

Clearance Level Must Be Able to Obtain:

Top Secret

Public Trust/Other Required:

None

Job Family:

Cyber and IT Risk Management

Job Qualifications:

Skills:

AI Red Teaming, Malware Reverse Engineering, Team Leadership, Threat and Vulnerability Management, Vulnerability Assessments

Certifications:

None

Experience:

10 + years of related experience

US Citizenship Required:

Yes

Job Description:

Position Summary

The Vulnerability Management Lead oversees teams that delivers comprehensive, standardsaligned security assessments and validation services across cloud, operational technology OT, industrial control systems (ICS), and enterprise environments identifying vulnerabilities, evaluating control effectiveness, and measuring readiness to strengthen the cybersecurity posture of government and commercial information systems. The successful lead directs tailored test plans (e.g., vulnerability assessments, penetration testing, SOC evaluations, phishing exercises), ensures actionable findings, and prioritized mitigation guidance.

Key Responsibilities

Assessment & Security Validation Leadership

• Oversee teams conducting comprehensive sitebased and remote assessments supporting, vulnerability management, compliance validation, and adhoc inspection needs.

• Ensure detailed assessments of technical and nontechnical controls across cloud, baremetal, and OT/ICS systems are aligned to NIST frameworks, Federal guidance, and Cyber Performance Goals.

• Direct tailored test plans.

• Oversee assessments of performance using red, blue, and purpleteam methodologies.

• Manage automated system and webapplication scanning, phishing assessments, and development of customized plugin policies.

• Enforce clear operational oversight practices-weekly status reports, daily assessment updates, formal kickoffs, and structured outbriefs.

Remediation Orchestration & Risk Reduction

• Oversee endtoend management of assessment findings-advising system owners on corrective actions and ensuring vulnerabilities are prioritized, fixed, mitigated, or appropriately riskaccepted (where/when applicable).
• Direct delivery of automated remediation tracking, trend analysis, and documented mitigation strategies.
• Ensure machinereadable assessment outputs are produced and that CISAstandard tools, techniques, and procedures.
• Integrate artificial intelligence/machine learning (AI/ML)enabled vulnerability discovery and enrichment tools.
• Leverage MLdriven risk scoring models to support prioritization of remediation actions, incorporating threat intelligence, exploitability indicators, adversary behaviors, and mission impact.
• Implement AIassisted analytics to evaluate remediation trends, predict control failures, and provide early warning indicators.
• Employ automated reasoning and natural language processing (NLP) technologies.
• Oversee integration of AIpowered attack simulation, redteam automation, and adversary emulation platforms.
• Direct the use of AIbased anomaly detection and behavior modeling.
• Ensure assessment and remediation workflows are compatible with AIenabled orchestration platforms, allowing realtime synchronization of findings, automated task assignment, and predictive remediation timelines.
• Guide adoption of MLassisted configuration baselining and drift detection capabilities that alert teams to deviations from secure architectures and federal benchmarks.
• Promote responsible and compliant use of AI/ML in vulnerability management.

Threat Emulation & Simulation Operations

• Oversee teams that emulate and simulate realworld threat actors in live and synthetic environments.
• Ensure the creation and operation of realistic, secure, and rapidly reconfigurable emulated network environments for representative cyberrange experimentation.
• Direct reproduction of adversary behaviors (intelligencederived TTPs, opensource reporting, government-provided data) in test/evaluation environments to improve detection and prevention.
• Oversee red and blueteam exercises on emulated networks using realistic tools, malware, and tradecraft.
• Ensure adversary behavioral characteristics from emulation activities are collected and transformed into improved analytics, detection logic, and defensive process enhancements.
• Employ MLbased behavior modeling engines to create adaptive threat actors.
• Use AIassisted cyber range orchestration tools to configure, deploy, and reset complex emulated environments, enabling faster test cycles.
• Implement AI/ML analytics to evaluate telemetry captured from emulation and simulation events, identifying defensive blind spots, response gaps, and control weaknesses.
• Leverage machine learning to generate synthetic malware variants, exploit chains, and network behaviors that stress test signaturebased and behaviorbased detection mechanisms.
• Direct the use of autonomous or semiautonomous redteam augmentation tools.
• Incorporate AIpowered anomaly detection systems into blueteam exercises to evaluate how effectively defensive tools and analysts.
• Ensure adversary emulation telemetry is transformed into machinereadable threat intelligence artifacts (e.g., STIX, ATT&CKmapped behavioral profiles).

Governance, Reporting & Continuous Improvement

• Maintain continuous communication with system owners and stakeholders.
• Recommend innovative processes and technologies that modernize assessment efficiency and accuracy, enabling scalable methodologies.
• Drive analytic rigor by producing custom testing artifacts and enhancing tooling/processes used across engagements.
• Implement AIenabled reporting workflows that automatically transform machinereadable assessment data into tailored dashboards, executive summaries, and auditready artifacts aligned with federal and CISA reporting standards.
• Employ natural language processing (NLP) tools to analyze assessment narratives, finding trends, common control failures, and opportunities for standardization or process optimization.
• Suggest the integration of AIassisted governance tools that predict remediation timelines, estimate risk reduction outcomes, and support decisionmaking for prioritizing enterpriselevel mitigation actions.
• Use machine learning to continuously evaluate the effectiveness of assessment methodologies and control validation processes, recommending evidencebased improvements to increase precision and reduce manual effort.
• Propose the adoption of generative AI tools to prototype new testing artifacts, emulate threat conditions, and accelerate the development of reusable templates that enhance efficiency across teams.
• Ensure responsible, transparent, and auditable use of AI/ML technologies within governance and reporting workflows, aligned with federal AI risk management practices and agencyspecific policies.

Required Qualifications

• Experience overseeing vulnerability management programs and security assessments (cloud, enterprise, OT) for largescale federal environments, including penetration testing and SOC evaluation.
• Demonstrated ability to manage remediation workflows, automated tracking, and risk acceptance processes aligned to federal frameworks (e.g., FISMA, NIST) and CISA standards.
• Familiarity with red/blue/purpleteam practices, phishing assessment design, and PoC exploit development to validate controls and detection logic.
• Strong communication and reporting skills (status reports, kickoffs, outbriefs) with a focus on measurable mission impact.
• 10 years of overall cybersecurity experience with 5 years of management of cybersecurity teams
• Experience integrating AI/MLenabled tools into vulnerability discovery, risk scoring, and remediation workflows, including automated analysis pipelines and machinereadable assessment outputs.
• Demonstrated ability to evaluate and operationalize AIassisted threat emulation, automated adversary simulation systems, or modeldriven redteam augmentation capabilities.
• Familiarity with AI/ML analytics used for detection logic improvement, control effectiveness measurement, and identification of systemic weaknesses across largescale enterprise or cloud environments.
• Handson experience using or overseeing AIpowered reporting and governance workflows, such as automated dashboarding, NLPbased narrative generation, or predictive remediation analytics.
• Knowledge of federal AI governance and risk management principles (e.g., NIST AI RMF, agencyspecific AI policies) and the ability to ensure responsible, auditable, and compliant use of AI within cybersecurity operations.
• Practical understanding of MLdriven behavioral analysis, anomaly detection, and adversary behavior modeling tools employed in SOC evaluation, emulation exercises, or continuous monitoring programs.
• Experience managing teams that utilize cyber range automation platforms or AIenabled orchestration tools to configure, deploy, and validate secure test environments rapidly and consistently.
• Ability to assess and validate output from AI/ML systems.

Desired Qualifications

• Experience with threat emulation/simulation environments and cyberrange operations that replicate adversary target spaces.

• Background turning adversary behavior insights into analytics and detection logic enhancements.

• Relevant certifications (e.g., CISSP, OSCP, GPEN, GICSP) and familiarity with CISA Cyber Performance Goals and NIST control baselines.

GDIT IS YOUR PLACE

• 401K: With company match.
• Health & Wellness: Comprehensive health and wellness packages.
• Career Growth: Internal mobility team dedicated to helping you own your career.
• Professional Development: Growth opportunities including paid education and certifications.
• Innovative Tech: Access to cutting-edge technology to stay ahead of the mission.
• Work-Life Balance: Rest and recharge with paid vacation and holidays.

The likely salary range for this position is $170,000 - $230,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:

40

Travel Required:

Less than 10%

Telecommuting Options:

Hybrid

Work Location:

USA VA Herndon

Additional Work Locations:

Total Rewards at GDIT:

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.Join our Talent Community to stay up to date on our career opportunities and events at

gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans